Online photography firm Shutterfly has confirmed that employee information has been compromised in a data breach resulting from a Conti ransomware attack last December, BleepingComputer reports.
After infiltrating Shutterfly's network on Dec. 3, the Conti ransomware gang distributed the ransomware on Dec. 13, when the company first discovered the compromise, according to a data breach notification from Shutterfly filed with California Attorney General's Office.
"The attacker both locked up some of our systems and accessed some of the data on those systems. This included access to personal information of certain people, including you," the notification said.
Employees' personal data, including their names, compensation details, FMLA leave, and workers' compensation claims may have been compromised by the attack.
Shutterfly has provided individuals impacted by the breach with free Equifax credit monitoring for two years. BleepingComputer had reported in December that more than 4,000 devices and 120 VMware ESXi servers from Shutterfly had been encrypted by Conti.
Large Catholic nonprofit hired Mandiant to investigate what’s now an unspecified cybersecurity incident that has reportedly forced hospitals in at least Maryland, Michigan, Kansas, and Wisconsin to shut down its systems.
Boeing has confirmed being the unnamed multinational aeronautical and defense corporation demanded by the LockBit ransomware operation to pay a $200 million ransom as mentioned in an unsealed indictment against LockBit administrator Dmitry Yuryevich Khoroshev, also known as LockBitSupp, according to CyberScoop.
Kansas' City of Wichita was claimed to have been disrupted by the LockBit ransomware operation, which threatened to expose all files exfiltrated from the city's network by May 15 should city officials refuse ransom payment, BleepingComputer reports.