Exploit: Ransomware
Digital Image & Photography Services: Digital Image & Photography Services
Risk to Business: 1.876=Severe Shutterfly has been hit with a Conti ransomware attack that allegedly encrypted over 4,000 devices and 120 VMware ESXi servers. On the Conti leak site, they offer samples of stolen Shutterfly data including legal agreements, bank and merchant account info, login credentials for corporate services, spreadsheets, and customer information, including the last four digits of credit cards. Shutterfly said in a statement that their Shutterfly.com, Snapfish, TinyPrints, or Spoonflower sites were not affected by the attack. However, their corporate network, Lifetouch, BorrowLenses, and Groovebook experienced service disruptions.
Individual Impact: Although there appears to be customer data involved in this incident including payment card data, that exposure has not been confirmed and no further information was available at press time.
Customers Impacted: Unknown
How It Could Affect Your Customers’ Business : Ransomware risk is rising for organizations in every sector, especially companies that provide important services for other businesses as well as retail users.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.