Hacking group claims it stole client data from Christie’s

By James Tarmy and Jake Bleiberg

The attack, which led to the auction house taking down its site on May 9, came days before Christie’s began its all-important 20th and 21st century May auctions in New York. This briefly threw the success of the auctions in doubt. — Unsplash

After a cyberattack on Christie’s auction house earlier this month, a hacker group called RansomHub claimed responsibility.

In a post on the dark web Monday, RansomHub said that it had gained access to the personal information of the firm’s wealthy clients and published what it claimed was a “sample” with a few names, nationalities and birth dates. The group posted the information along with a countdown clock, suggesting they would publish the entire trove in early June.

The group’s claims and the authenticity of the data it published could not be immediately verified. But a Christie's spokesperson acknowledged that some client information was taken.

“Our investigations determined there was unauthorised access by a third party to parts of Christie’s network,” wrote the spokesperson in a statement on Monday. “They also determined that the group behind the incident took some limited amount of personal data relating to some of our clients. There is no evidence that any financial or transactional records were compromised.”

The attack, which led to the auction house taking down its site on May 9, came days before Christie’s began its all-important 20th and 21st century May auctions in New York. This briefly threw the success of the auctions in doubt.

But Christie’s, which at the time called the attack a “technology security incident”, was able to post its auction catalogues on a separate site, and gave collectors who registered a link to bid online.

All told, the main Christie’s website was offline for approximately 10 days.

Christie’s is held by the billionaire Pinault family’s Artemis SA. Last year, the auction house reported global sales of approximately US$6.2bil (RM29.08bil).

Brett Callow, a threat researcher at the cybersecurity firm Emsisoft, said it appears “quite likely” that RansomHub was involved in the breach of Christie’s but it’s not clear whether the group made off with as much data as they claim. “The biggest concern in this case may be the possibility of the location of very expensive artworks being posted online,” Callow told Bloomberg in an email.

The Christie’s spokesperson added that “Christie’s is currently notifying privacy regulators, government agencies as well as in the process of communicating shortly with affected clients”. – Bloomberg

Related stories:
Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News
Anthropic buys Super Bowl ads to slap OpenAI for selling ads in ChatGPT
Chatbot Chucky: Parents told to keep kids away from talking AI dolls
South Korean crypto firm accidentally sends $44 billion in bitcoins to users
Opinion: Chinese AI videos used to look fake. Now they look like money
Anthropic mocks ChatGPT ads in Super Bowl spot, vows Claude will stay ad-free
Tesla 2.0: What customers think of Model S demise, Optimus robot rise
Vista Equity Partners and Intel to lead investment in AI chip startup SambaNova, sources say
Apple plans to allow external voice-controlled AI chatbots in CarPlay, Bloomberg News reports
Goldman Sachs teams up with Anthropic to automate banking tasks with AI agents, CNBC reports
US Justice Department casts wide net on Netflix's business practices in merger probe, WSJ reports

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.