Just a few days before one of the most famous auction houses in the world, Christie’s, was slated to hold its flagship spring sales, it took its website offline.
According to the New York Times, collectors noticed the problem on Thursday evening, May 9. By the morning, a temporary site was set up, using another domain. A spokesperson told the media that Christie’s systems had experienced a security issue, which had also affected the website.
The British auction house had been the victim of a cyberattack. But by whom?
This week, on Monday, May 27, 2024, the hacker group RansomHub claimed they were behind the attack.
In a post on the dark web, the group claimed to have uncovered the sensitive personal information such as address, names, race, and “much more sensitive information” of over 500,000 Christie’s clients, and were now selling it off to the highest bidder.
According to SecureWorld, the group said it had “obtained personal data on Christie's ultra-rich clients including their identities, locations, buying history, financial information, and more.”
The group further threatened, "if our monetary demands are not met quickly, we will not hesitate to sell or publish this invaluable data."
According to cybersecurity threat analyst Brett Callow, however, RansomHub’s threats are likely empty.
“It's extremely unlikely that anybody would want to buy the information, and this is simply a Hail Mary effort to squeeze some money from Christie's,” he said on X on Thursday.
“Also, the criminals will now be able to claim the info was sold rather than having to lose face by admitting they were unable to monetize a very high profile attack.Also, the criminals will now be able to claim the info was sold rather than having to lose face by admitting they were unable to monetize a very high profile attack.”
According to the New York Times, Christie’s said on Thursday that it had notified the US Federal Bureau of Investigation as well as British police of the cyberattack, and were reaching out to clients affected, informing them what types of data had been unlawfully collected.
“Our investigations determined there was unauthorized access by a third party to parts of Christie’s network. They also determined that the group behind the incident took some limited amount of personal data relating to some of our clients. There is no evidence that any financial or transactional records were compromised,” a Christie’s spokesperson told SecurityWeek.
Also read
