Hackers steal data of 500,000 Christie's auction house customers and demand ransom
In early May, a cyberattack was carried out on the computer networks of the renowned London auction house Christie’s, claimed by the hacker group Ransomhub, according to Security Boulevard. The hackers are demanding a ransom, threatening to publish the data of approximately 500,000 Christie’s clients if their demands are not met.
A screenshot of the hackers' statement was posted on the social network X by security researcher Dominic Alvieri. It mentions that they attempted to negotiate with Christie’s for a “reasonable solution,” but the auction house “cut off communication halfway through.”
The perpetrators warned that publishing the confidential data of Christie’s clients would lead to “significant fines under GDPR” and damage the auction house’s reputation.
According to Ransomhub, they have stolen “confidential personal information” of at least 500,000 private Christie’s clients worldwide, including full names, gender, dates of birth, place of birth, and nationality. As evidence, the hackers released some sample data. The cybercriminals launched a countdown on their website, indicating their intention to publish the data in early June if Christie’s does not meet the ransom demand.
According to Bloomberg, due to the cyberattack, Christie’s was forced to shut down its website on May 9, a few days before an important spring auction in New York. As a result, the auction was held through an alternative website, and the main site was down for 10 days.
A Christie’s spokesperson acknowledged in an interview with the New York Times that a “limited amount of personal data of some clients” was stolen, noting that there is no evidence that financial or transactional data was compromised. The newspaper reminded that prior to the spring auction, Christie’s called the incident a “technological security issue,” downplaying the scale of the breach.
A Christie’s representative stated that the company is working with law enforcement on this matter and will notify affected clients shortly.
“Considering the high-profile clients Christie’s serves, it’s easy to see how much damage the publication of the data could cause them and Christie’s reputation,” noted Ray Kelly, a security expert from Synopsys Software Integrity Group.
Ani Chaudhuri, CEO of software developer Dasera, stated that this incident highlights the growing boldness and sophistication of cybercriminals. The high status of the auction house implies that its clients include wealthy individuals, for whom a personal data breach poses far-reaching consequences both personally and professionally.
“Paying the ransom only emboldens cybercriminals, encouraging them to carry out more attacks,” Chaudhuri said. “There is no guarantee that paying the ransom will lead to the safe return of the data.”
- Most read
month
week
day
- Due to US sanctions, Huawei has started selling beef, becoming China's largest importer of meat 882
- Honor introduces its first Magic V Flip foldable smartphone with largest external display in its class 876
- In the future, smartphones will disappear, instead there will be brain implants: Elon Musk’s predictions 844
- Armenian Revytech and French Thales presented modern cybersecurity solutions 808
- Oppo introduces super rugged smartphone that looks like regular one 772
- Galaxy Watch FE. Samsung release budget yet powerful smartwatch 733
- WhatsApp has new feature that will make it easier to transfer data from an old smartphone to new one 679
- What problems can arise in children from playing too much of the popular game Hamster Kombat? 541
- Scammer new way of stealing private data on Instagram: How to avoid it? 485
- Next Apple Watch will be thinner, have larger screen, and some components will be 3D printed 471
- Archive