SECURITY
SECURITY
SECURITY
Photo services giant Shutterfly suffers ransomware attack
Shutterfly LLC, the operator of several popular e-commerce services focused on the photography market, has suffered a ransomware attack.
The breach was first reported by Bleeping Computer this morning. According to the publication, the breach was carried out by the Conti ransomware group. The group previously carried out ransomware attacks against more than 400 organizations worldwide, the U.S. Cybersecurity and Infrastructure Security Agency stated in a September advisory.
Redwood City, California-based Shutterfly LLC operates a popular e-commerce service that enables users to turn their photos into personalized products such as photo books and cards. The company also operates several subsidiaries that compete in areas such as the home décor market.
Shutterfly traded on the Nasdaq until 2019, when it was acquired by investment firm Apollo Global Management LLC in a $2.7 billion transaction. At the time of the deal, Shutterfly had about 10 million customers who made more than 26 million orders every year. Thanks to a series of acquisitions that the company made after going private, its installed base has since grown to more than 20 million customers.
In a statement about the ransomware attack posted on its website, Shutterfly said the breach has affected several parts of its network, though it said Shutterfly.com, Snapfish.com, TinyPrints.com and Spoonflower were not affected.
The company detailed that portions of its Lifetouch and BorrowLenses businesses, along with the Groovebook division, “have been experiencing interruptions.” Shutterfly’s manufacturing operations and certain unspecified “corporate systems” are affected by the interruptions as well.
According to Shutterfly, customers’ financial account information and Social Security numbers are not believed to have been compromised in the breach.
“We do not store credit card, financial account information or the Social Security numbers of our Shutterfly.com, Snapfish, Lifetouch, TinyPrints, BorrowLenses, or Spoonflower customers, and so none of that information was impacted in this incident,” the company stated. “However, understanding the nature of the data that may have been affected is a key priority and that investigation is ongoing. We will continue to provide updates as appropriate.”
Shutterfly has contacted law enforcement and hired outside cybersecurity experts to help it address the incident.
Image: Shutterfly
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
