For the past week, the hackers who attacked Christie’s have been threatening to release a large trove of client data if the auctioneer didn’t pay a ransom by 11am New York time on June 3. That deadline came and went, and the gang has yet to drop files on the dark web.
The hacking group known as RansomHub claimed responsibility on May 27 for the cyberattack that struck the auction house earlier that month. They posted a countdown clock on their extortion site along with a message suggesting they’d release client data, including names and passport details, on Monday morning.
Three days later, RansomHub took up a new strategy: offering the data for auction on an update on its dark web site. It’s not clear what become of that effort, if anything.
The criminal group had said that Christie’s had ceased communications after they had attempted to reach a “reasonable resolution”. A Christie’s spokesperson didn’t immediately respond to a request for comment.
The auction house sent a notice to clients affected by the breach, emphasizing that while passport information was indeed compromised, contact details, financial data, and most importantly, transaction-related information hadn’t been exposed.
“Please rest assured we are treating this incident with the utmost seriousness,” the auction house wrote in a note to clients that was reviewed by Bloomberg. “We have proactively informed the relevant authorities, which include the UK police (via ActionFraud) and the FBI, as well as relevant data protection regulators globally, where required.”
While Christie’s was forced to deal with the immediate aftermath of the cyberattack, the damage to the company appeared to be limited. The incident occurred on the eve of watch auctions in Geneva and days before Christie’s began important auctions in New York.
Christie’s managed to sell US$115mil (RM540.32mil) in art in a single evening in May, despite the breach. In total, its May marquee week sales yielded US$640mil (RM3bil). – Bloomberg