Providing services in photography Shutterfly is one of the most recent companies to fall prey to the Clop ransomware, although the company insists that consumer and staff data are not at risk. Clop ransomware operators have exploited key vulnerabilities in the widely used MOVEit file transfer application to get access to the computer networks of hundreds of businesses, many of which are leaders in their respective sectors.
The massive photographic provider Shutterfly, which has its headquarters in California, has become the most recent victim of the data leak site run by Clop. The firm runs a number of other brands in addition to Shutterfly.com. Some examples of these brands are Spoonflower, Snapfish, Lifetouch, and Shutterfly Business Solutions (SBS).
This week, the Clop ransomware group published a blog in which they claimed that “the company does not care about its customers [and] it ignored their security!!!.”
However, in a statement , a spokeswoman for Shutterfly strongly disagrees with this assessment.
“Shutterfly can confirm that it was one of the several firms that were vulnerable due to the MOVEit flaw. According to the individual who talked with the cybernews site, the enterprise business section of Shutterfly known as Shutterfly Business Solutions (SBS) has utilized the MOVEit platform for part of its operations.
“As soon as the company became aware of the vulnerability at the beginning of June, they moved quickly to take action. They immediately took the relevant systems offline, implemented patches that were provided by MOVEit, and started a forensics review of certain systems with the assistance of leading forensic firms.”
“After conducting an in-depth investigation with the assistance of a leading third-party forensics firm, we have no indication that any Shutterfly.com, Snapfish, Lifetouch, nor Spoonflower consumer data or any employee information was impacted by the MOVEit vulnerability,” the spokesman said. “Shutterfly.com, Snapfish, Lifetouch, nor Spoonflower consumer data was also not impacted by the MOVEit vulnerability.”
It is not obvious what information Clop intends to use in order to blackmail the picture giant. If Shutterfly has determined that customer data is secure, then the only thing that Clop may be able to use as leverage is their intellectual property, provided that they have managed to get anything at all. Every week, the number of businesses that have had their systems compromised by Clop because of unpatched MOVEit instances increases. The developer of MOVEit, Progress Software, issued a warning in June that their file transfer platform included a total of three vulnerabilities that malicious actors might take use of. Multiple resources are made available to IT administrators by the firm in order to thwart threats.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.