Exploit: Ransomware
Shutterfly: Photography Retail Platform
Risk to Business: 2.735 = Moderate
Shutterfly has disclosed a data breach that exposed employee information in a ransomware attack by the Conti group. Shutterfly disclosed that its network was breached on December 3rd, 2021, and threat actors gained access to employee information. The company went on to disclose that documents stolen during the attack may have contained employees’ personal information, including names, salary and compensation information and FMLA leave or workers’ compensation claims. Shutterfly is offering two years of free credit monitoring from Equifax for those affected.
How It Could Affect Your Customers’ Business: Personal data is a hot ticket item, and big companies often have a storehouse of it in their employee records.
Source: bleeping computer