Ransomware: Conti is also interested in Log4J


The Shutterfly company reported a ransomware attack on Sunday. The incident was first reported by Bleeping Computer, indicating that the company had been attacked by the Conti ransomware group.

In a statement, the company said parts of its Lifetouch and BorrowLenses business have been affected. Groovebook, manufacturing offices, and some business systems also suffered disruption.

Law enforcement has been contacted and a cybersecurity company has also been hired to help respond to the incident.

Conti has started disclosing the stolen information on a leaksite, according to Bleeping Computer, which adds that the attack began about two weeks ago and involves a multi-million ransom demand.

Last week, researchers at security firm Advanced Intelligence discovered the Conti ransomware group exploiting VMware vCenter Server instances through the Log4j vulnerabilities.

In a report, security firm Advanced Intelligence said it spotted conversations between several Conti members discussing ways to take advantage of the Log4j vulnerabilities, making it the first sophisticated ransomware group spotted attempting to exploit the vulnerability.

The company explains that it has observed “multiple use cases in which the Conti group has tested the possibilities of using the Log4J2 exploit”.

The company noted that its research on ransomware groups shows that Conti has earned more than $150 million in the past six months. Advanced Intelligence has established a timeline of events regarding Conti’s interest in Log4j, which began on November 1, when the group sought to find new attack vectors. Throughout November, Conti overhauled its infrastructure in preparation for expansion, and on December 12, it identified Log4Shell as a possibility.

On December 15, the group started actively targeting vCenter networks.

The CISA and the FBI said in September that they had seen more than 400 attacks involving Conti’s ransomware and targeting U.S. organizations as well as international businesses. The FBI previously implicated Conti in attacks on at least 290 organizations in the United States.

Conti has made a name for itself attacking hundreds of healthcare facilities – including a ransomware attack on the Medical Service of Ireland on May 14 – as well as schools like the University of Utah and other organizations like the Municipality of Tulsa, Oklahoma and the Scottish Environmental Protection Agency.

Source: “ZDNet.com”
