Shutterfly Services Disrupted By Conti Ransomeware Attack (bleepingcomputer.com)
Photography and personalized photo giant Shutterfly has suffered a Conti ransomware attack that allegedly encrypted thousands of devices and stole corporate data. BleepingComputer reports: On Friday, a source told BleepingComputer that Shutterfly suffered a ransomware attack approximately two weeks ago by the Conti gang, who claims to have encrypted over 4,000 devices and 120 VMware ESXi servers. While BleepingComputer has not seen the negotiations for the attack, we are told that they are underway and that the ransomware gang is demanding millions of dollars as a ransom. Conti has created a private Shutterfly data leak page containing screenshots of files allegedly stolen during the ransomware attack, as part of this "double-extortion" tactic. The attackers threaten to make this page public if a ransom is not paid.
BleepingComputer has been told that these screenshots include legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and what appears to be customer information, including the last four digits of credit cards. Conti also claims to have the source code for Shutterfly's store, but it is unclear if the ransomware gang means Shutterfly.com or another website. After contacting Shutterfly on Friday about the attack, BleepingComputer was sent a statement confirming the ransomware attack late Sunday night. This statement [...] says that the Shutterfly.com, Snapfish, TinyPrints, or Spoonflower sites were not affected by the attack. However, their corporate network, Lifetouch, BorrowLenses, and Groovebook had disrupted services. While Shutterfly states that no financial information was disclosed, BleepingComputer was told that one of the screenshots contains the last four digits of credit cards, so it is unclear if there is further, and more concerning, information stolen during the attack.
Another one bites the dust (Score:1)
It is really time to re-think business software and OSes. In particular that MS crap has to go or we will never get acceptable levels of security.
Re: (Score:1)
OK... how would you fix things? MS has done a lot to ensure system integrity, from Secure UEFI to sandboxing. The only reason why Windows gets hit is because it is the primary OS out there. Before Windows, it was Solaris. If Windows went away, Linux would be ground to a pulp.
Of course, we can turn all desktop machines into iOS/iPadOS like devices with very little functionality or allowing for a functional workflow, but the security gains of this may not be worth the productivity losses.
Of course, we can
Re: (Score:2)
You can be phished on any OS; they all have vulnerabilities that can be exploited.
I am not defending Microsoft or Windows. I am just saying that you are only as secure as your security practices.
I would even argue that modern Windows operating systems have more protections against ransomware than other operating systems.
Re: (Score:2)
You can be phished on any OS; they all have vulnerabilities that can be exploited.
The problem is crappy email software and Outlook makes it especially easy.
I am not defending Microsoft or Windows. I am just saying that you are only as secure as your security practices.
Not quite true: It is a combination of user behavior and how easy the software used makes it to trick the user.
I would even argue that modern Windows operating systems have more protections against ransomware than other operating systems.
Sure. Because they need it much, much more. In the end, the overall security level is what counts and there MS plain sucks.
Alternative Idea (Score:2)
Shitterfly? Services? (Score:2)
What is that, and who cares about it?
Re: (Score:2)
Some company that survived the .com bust, apparently.
From Wikipedia:
Shutterfly was founded in December 1999 as an internet-based social expression and personal publishing service.
I guess they had a business plan? And a revenue model? I'm almost impressed!
Re: (Score:2)
Also from Wikipedia, it appears they are mostly a photo-printing and gift service.
Re: (Score:2)
Shutterfly also prints health insurance documents, so this breach might be a bit worse than they're letting on.
Re: (Score:2)
Ah, well... But still, if there is no legal use for this stolen data, the damage cannot be that great.
Mandatory Disclosure (Score:2)
Re: (Score:2)
Re: (Score:2)
This is very easy to get around:
1: Victim of ransomware attack has a ransom demand of $100.
2: They hire an offshore consulting service to help "decode" the ransomware and "decrypt" the files for $110.
3: The consulting service pays the ransom, forwards the decryption keys.
4: ???
5: Profit! for both the ransomware guys and the consulting service, and the data back for the victim, with the laws about jail time of handing money to hostile nation-states completely bypassed. Having the consulting service off
Re: (Score:2)
The stock market is way up, including most companies that experienced a ransomware attack.
Re: (Score:2)
SFLY is defunct since September 23, 2019. Delisted
Re: (Score:2)
False. They were purchased and went private. They delisted themselves. Different than defunct. Defunct is dead, failed. This is merely private, unlisted. Available by appointment only.
WTF (Score:2)
Ransomeware?
Yet another typo from Beau that will never get corrected. Incompetent. You have one job as an editor.
Re: (Score:2)
On Slashdot, that job is to troll.
The only criteria for a front page submission is that it must attract comments.
The editors are a little worse than usual these days but frankly not much different from what we've had before.
Re: (Score:2)
It's a spectrum. Ransomeware encrypts a smallish fraction of files, typically files with common office-application extensions. Ranmoreware encrypts a larger fraction of files, perhaps including source code and files without extensions. Ranallware encrypts all files, which usually is counterproductive because the operating system does are encrypted and cannot run.
Editors don't care (Score:2)
Their passive resistance and general opposition to quality content is why Dicedot needs to be rid of them. Everything they do is blatant shit but they have either equity in Slashdot or the real owners don't care.