Digital photography company Shutterfly reported a ransomware[1] attack on Sunday. The incident was first reported by Bleeping Computer[2], which said a source told them the company was attacked by the Conti ransomware group.  

In a statement, the company said portions of the Lifetouch and BorrowLenses business were affected. They experienced interruptions with Groovebook, manufacturing offices, and some corporate systems as well. 

Law enforcement has been contacted and a cybersecurity company was also hired to help respond to the incident. 

"As part of our ongoing investigation, we are also assessing the full scope of any data that may have been affected. We do not store credit card, financial account information, or the Social Security numbers of our Shutterfly.com, Snapfish, Lifetouch, TinyPrints, BorrowLenses, or Spoonflower customers, and so none of that information was impacted in this incident," Shutterfly explained.

"However, understanding the nature of the data that may have been affected is a key priority and that investigation is ongoing. We will continue to provide updates as appropriate."

Conti began leaking information it stole to a leak site, according to Bleeping Computer, which added that the attack started about two weeks ago and involves a ransom demand in the millions. 

Last week, researchers with security firm Advanced Intelligence discovered the Conti ransomware group[3] exploiting VMware vCenter Server instances through the Log4j vulnerabilities[4].

In a report[5], the security company said it discovered multiple members of Conti discussing ways to take advantage of the Log4j issue, making them the first sophisticated ransomware group spotted trying to weaponize the vulnerability. 

AdvIntel said the current exploitation "led to multiple use cases through which the Conti group tested the possibilities of utilizing the Log4J2 exploit." 

They noted that their research of ransomware logs shows Conti

Read more from our friends at ZDNet