The hacking group RansomHub is threatening to release “sensitive personal information” about the auction house’s clients.
A hacker group called RansomHub said it was behind the cyberattack that hit the Christie’s website just days before its marquee spring sales began, forcing the auction house to resort to alternatives to online bidding.
In a post on the dark web on Monday, the group claimed that it had gained access to sensitive information about the world’s wealthiest art collectors, posting only a few examples of names and birthdays. It was not immediately possible to verify RansomHub’s claims, but several cybersecurity experts said they were a known ransomware operation and that the claim was plausible. Nor was it clear if the hackers had gained access to more sensitive information, including financial data and client addresses. The group said it would release the data, posting a countdown timer that would reach zero by the end of May.
At Christie’s, a spokesman said in a statement, “Our investigations determined there was unauthorized access by a third party to parts of Christie’s network.” The spokesman, Edward Lewine, said that the investigations “also determined that the group behind the incident took some limited amount of personal data relating to some of our clients.” He added, “There is no evidence that any financial or transactional records were compromised.”
Hackers said that Christie’s failed to pay a ransom when one was demanded.
“We attempted to come to a reasonable resolution with them but they ceased communication midway through,” the hackers wrote in their dark web post, which was reviewed by a New York Times reporter. “It is clear that if this information is posted they will incur heavy fines from GDPR as well as ruining their reputation with their clients.”
GDPR, the General Data Protection Regulation, is an information privacy law in the European Union that requires companies to disclose when cyberattacks might have compromised the sensitive data of clients. Noncompliance with the law includes potential fines on companies that can rise to more than $20 million.
Cybersecurity experts said that RansomHub has emerged in recent months as an especially powerful ransomware group with possible connections to ALPHV, a network of Russian-speaking extortionists blamed for a cyberattack on Change Healthcare earlier this year. Hackers in that case appeared to receive a $22 million payment from the company’s owner, UnitedHealth Group, though United never admitted to sending the money. In April, RansomHub listed Change Healthcare as one of its victims and claimed to be holding onto four terabytes of stolen data.
We are having trouble retrieving the article content.
Please enable JavaScript in your browser settings.
Thank you for your patience while we verify access. If you are in Reader mode please exit and log into your Times account, or subscribe for all of The Times.
Thank you for your patience while we verify access.
Already a subscriber? Log in.
Want all of The Times? Subscribe.
Source: Elections - nytimes.com
