Shutterfly, an online retail and photography platform, has become the latest target of the Clop ransomware gang, which exploited the MOVEit File Transfer utility vulnerability to breach numerous companies and steal their data for extortion purposes. The attack lists Shutterfly on the data leak site along with other targeted companies, primarily via the MOVEit SQL Injection vulnerability (CVE-2023-34362).
However, Shutterfly assures that customer and employee data remain safe, as they swiftly responded to the vulnerability, applying patches, and conducting forensic reviews with leading firms’ assistance.
Clop ransomware has been on a hacking spree, compromising the security of hundreds of organizations by exploiting MOVEit vulnerabilities and gaining access to sensitive data. Notable names such as Shell, Deutsche Bank, and various universities have also confirmed being impacted by the attacks. Shutterfly’s proactive response and secure data practices helped prevent the exposure of customer and employee information.
Additionally, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that several federal agencies, including the U.S. Department of Energy entities, were also breached.
The Clop ransomware gang’s tactics involve stealing valuable data and deploying ransomware to encrypt network devices after gaining access to corporate networks through vulnerabilities like the MOVEit SQL Injection flaw.
Organizations using the MOVEit File Transfer utility should prioritize security measures, patching known vulnerabilities, and staying vigilant against potential new exploits that could be exploited in the wild. Shutterfly’s experience serves as a reminder for companies to remain proactive in safeguarding their data from ransomware threats and constantly monitor and update their security protocols to mitigate cyber risks.