Security

Shutterfly Services Disrupted By Conti Ransomeware Attack (bleepingcomputer.com)

Photography and personalized photo giant Shutterfly has suffered a Conti ransomware attack that allegedly encrypted thousands of devices and stole corporate data. BleepingComputer reports: On Friday, a source told BleepingComputer that Shutterfly suffered a ransomware attack approximately two weeks ago by the Conti gang, who claims to have encrypted over 4,000 devices and 120 VMware ESXi servers. While BleepingComputer has not seen the negotiations for the attack, we are told that they are underway in progress and that the ransomware gang is demanding millions of dollars as a ransom. Conti has created a private Shutterfly data leak page containing screenshots of files allegedly stolen during the ransomware attack, as part of this "double-extortion" tactic. The attackers threaten to make this page public if a ransom is not paid.

BleepingComputer has been told that these screenshots include legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and what appears to be customer information, including the last four digits of credit cards. Conti also claims to have the source code for Shutterfly's store, but it is unclear if the ransomware gang means Shutterfly.com or another website. After contacting Shutterfly on Friday about the attack, BleepingComputer was sent a statement confirming the ransomware attack late Sunday night. This statement [...] says that the Shutterfly.com, Snapfish, TinyPrints, or Spoonflower sites were not affected by the attack. However, their corporate network, Lifetouch, BorrowLenses, and Groovebook had disrupted services. While Shutterfly states that no financial information was disclosed, BleepingComputer was told that one of the screenshots contains the last four digits of credit cards, so it is unclear if there is further, and more concerning, information stolen during the attack.

This discussion has been archived. No new comments can be posted.

  • It is really time to re-think business software and OSes. In particular that MS crap has to go or we will never get acceptable levels of security.

    • by Anonymous Coward

      OK... how would you fix things? MS has done a lot to ensure system integrity, from Secure UEFI to sandboxing. The only reason why Windows gets hit is because it is the primary OS out there. Before Windows, it was Solaris. If Windows went away, Linux would be ground to a pulp.

      Of course, we can turn all desktop machines into iOS/iPadOS like devices with very little functionality or allowing for a functional workflow, but the security gains of this may not be worth the productivity losses.

      Of course, we can

    • You can be phished on any OS; They all have vulnerabilities that can be exploited.

      I am not defending Microsoft or Windows. I am just saying that you are only as secure as your security practices.

      I would even argue that modern Windows operating systems have more protections against ransomware than other operating systems.

      • by gweihir ( 88907 )

        You can be phished on any OS; They all have vulnerabilities that can be exploited.

        The problem is crappy email software and Outlook makes it especially easy.

        I am not defending Microsoft or Windows. I am just saying that you are only as secure as your security practices.

        Not quite true: It is a combination of user behavior and how easy the software used makes it to trick the user.

        I would even argue that modern Windows operating systems have more protections against ransomware than other operating systems.

        Sure. Because they need it much, much more. In the end, the overall security level is what counts and there MS plain sucks.

  • Why don't we just report on the company that didn't get ransomwared?
  • What is that, and who cares about it?

    • Some company that survived the .com bust, apparently.

      From wikipedia:

      Shutterfly was founded in December 1999 as an internet-based social expression and personal publishing service.

      I guess they had a business plan? And a revenue model? I'm almost impressed!

    • by leonbev ( 111395 )

      Shutterfly also prints health insurance documents, so this breach might be a bit worse than they're letting on.

  • Mandatory disclosure of breaches (hacking, ransom demand, blackmail, calling in of ransom money negotiators) is slowly becoming law in many countries. And if a listed stock, IMMEDIATE notification to the exchange - so share traders are not deceived by inside trading (because the blackmailers Do know, and play robinhood, and tell others, and probably can read the backup logs to estimate what cannot be replaced - where backup capture ratio is under 100%, find the shadow set of books, non arms length outgoings
    • One recalls 'negotiations' where the US law people were fully on the ball, stirred up like hornets, and got some bagmen for the blackmailers caught in supposedly 'safe' near Russia countries - really kicked ass. Even got some money back. Knowing this, the blackmailers will get smarter, and use low level mules, and maybe send out usb sticks to the top 20 shareholders, and select journalists CC www.icij.org if things turn nasty. Naturally honest entities will have nothing to fear, because they have nothing t
    • This is very easy to get around:

      1: Victim of ransomware attack has a ransom demand of $100.
      2: They hire an offshore consulting service to help "decode" the ransomware and "decrypt" the files for $110.
      3: The consulting service pays the ransom, forwards the decryption keys.
      4: ???
      5: Profit! for both the ransomware guys and the consulting service, and the data back for the victim, with the laws about jail time of handing money to hostile nation-states completely bypassed. Having the consulting service off

    • The stock market is way up, including most companies that experienced a ransomware attack.

      • SFLY is defunct since September 23, 2019. Delisted

        • False. They were purchased and went private. They delisted themselves. Different than defunct. Defunct is dead, failed. This is merely private, unlisted. Available by appointment only.

  • by nyet ( 19118 )

    Ransomeware?

    Yet another typo from Beau that will never get corrected. Incompetent. You have one job as an editor.

    • On Slashdot, that job is to troll.

      The only criteria for a front page submission is that it must attract comments.

      The editors are a little worse than usual these days but frankly not much different from what we've had before.

    • by Entrope ( 68843 )

      It's a spectrum. Ransomeware encrypts a smallish fraction of files, typically files with common office-application extensions. Ranmoreware encrypts a larger fraction of files, perhaps including source code and files without extensions. Ranallware encrypts all files, which usually is counterproductive because the operating system does are encrypted and cannot run.

    • Their passive resistance and general opposition to quality content is why Dicedot needs to be rid of them. Everything they do is blatant shit but they have either equity in Slashdot or the real owners don't care.
