In early May, cybercriminals targeted renowned London auction house Christie’s in a cyberattack. Hacker group Ransomhub claimed responsibility. They demand a ransom, threatening to leak the data of as many as 500,000 Christie’s clients if their demand is ignored, according to a report by Security Boulevard.
Security researcher Dominic Alvieri publicized a screenshot of Ransomhub’s statement on social media platform X. According to the statement, Ransomhub attempted to negotiate a “reasonable solution” with Christie’s, but the auction house purportedly stopped negotiations midway.
The cybercriminals warn that publishing Christie’s clients’ confidential data could result in “significant fines in accordance with GDPR” and could damage the reputation of the auction house.
Ransomhub claims to have taken “confidential personal information” of at least 500,000 private clients of Christie’s globally. The information includes full names, gender, date of birth, place of birth, and nationality. As proof of their claim, the hackers published some data samples. They have set a countdown on their site, indicating their intention to release the data in early June if Christie’s refuses to pay the ransom.
As reported by Bloomberg, due to the cyberattack Christie’s had to shut down its website on May 9, just days ahead of a major spring auction in New York. The auction was consequently held on an alternative website, with the main site being inaccessible for 10 days.
A Christie’s representative acknowledged to the New York Times that a “limited amount of certain customers’ personal data” had been stolen. However, the representative gave assurances that there was no proof that financial or transactional data were compromised. The auction house had previously described the hacking incident as a “technology security problem,” which the Times hints downplayed the scale of the breach.
A representative of Christie’s said that the company is working with law enforcement regarding the issue, and will soon notify the affected clients about the breach.
Ray Kelly, a security expert at Synopsys Software Integrity Group, highlighted the potential magnitude of the breach. He said, “Given the high-profile clients that Christie’s serves, it’s easy to understand the significant damage to them and Christie’s reputation should these data be published.”
Ani Chaudhuri, CEO of software developer Dasera, stated that this incident displayed the growing audacity and sophistication of cybercriminals. Christie’s is a high-status auction house, and its clientele includes wealthy individuals for whom any data leakage could have far-reaching personal and professional ramifications. “Paying a ransom only emboldens cyber criminals, encouraging them to commit further attacks,” Chaudhuri warned. “There’s no guarantee that paying a ransom leads to the safe return of data.”