Threats

Photography site Shutterfly is dealing with a ransomware attack

The company said that no financial information was included in the attack.

December 27, 2021

(Photo by Lester Cohen/Getty Images for Shutterfly)

American photography company Shutterfly has experienced a ransomware attack on parts of its networks, the company confirmed in a statement late Sunday night.

“We engaged third-party cybersecurity experts, informed law enforcement, and have been working around the clock to address the incident,” the company said in a statement shared with CyberScoop.

The incident interrupted portions of the company’s Lifetouch and BorrowLenses business, Groovebook, manufacturing and some internal corporate systems. The Daily Beast first confirmed the attack.

The company declined to comment on whether it was actively negotiating with the cybercriminals behind the ransomware attack. The company says that credit card, financial account information and Social Security numbers were not affected.

“However, understanding the nature of the data that may have been affected is a key priority and that investigation is ongoing,” the company said.

The attack appears to be the work of the Conti ransomware group, according to screenshots of the gang’s leak page first obtained by cybersecurity news outlet Bleeping Computer. Stolen data shown on the screenshots “include legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and what appears to be customer information, including the last four digits of credit cards.”

Conti runs “double extortion” campaigns in which hackers encrypt and steal files. In the scheme, they demand a ransom from the victim in order to restore access to the systems; if the victim doesn’t pay, the actors threaten to leak the stolen data.

Conti has been linked to several major attacks, including against the Tulsa police and Ireland’s public health system. The Department of Homeland Security’s cybersecurity agency, the FBI and National Security Agency in September warned of an increase of Conti ransomware attacks.

The ransomware attack did not impact Shutterfly.com, Snapfish, TinyPrints or Spoonflower sites, according to the company.

Updated 12/27/21: To include additional information from Shutterfly.

Photography site Shutterfly is dealing with a ransomware attack

More Like This

Stolen Change Healthcare data could contain information on ‘a substantial portion’ of Americans

‘Large volume’ of data stolen from UN agency after ransomware attack

Congress rails against UnitedHealth Group after ransomware attack

Top Stories

Iranian nationals charged with hacking U.S. companies, Treasury and State departments

Democratic operative behind Biden AI robocall says lawsuit won’t ‘get anywhere’

FCC wants rules for ‘most important part of the internet you’ve probably never heard of’

More Scoops

Ransomware group behind Change Healthcare attack goes dark

Notorious ransomware group claims responsibility for attacks roiling US pharmacies

US cyber officials offer technical details associated with CL0P ransomware attacks

FIN7 returns with new ransomware attacks

Ransomware gangs increasingly deploy zero-days to maximize attacks

Ransomware attacks surge against US manufacturing plants

Notorious Russian military hacking crew behind October ransomware attacks on Ukraine, Poland

Latest Podcasts

How Troy Hunt knows if you’ve been hacked and Washington tries to understand AI

Why pig butchering is the worst kind of online scam

How the FBI fights ransomware

Rumman Chowdhury on AI red-teaming; a Sisense supply chain attack

Government

Technology

Threats

Geopolitics