A hacker group, RansomHub, has come forward claiming responsibility for a cyberattack on the renowned auction house Christie’s, which took place earlier this month. The attack, which disrupted the auction house’s website, occurred just before the start of its high-profile spring sales event involving over $850 million worth of art. The attack forced Christie’s to suspend online bidding and accept offers only by phone or in person.
According to a report by the New York Times, RansomHub released a statement on the dark web claiming that it accessed sensitive information about wealthy art collectors from around the world. The group threatened to release the data at the end of May if an agreement, presumably involving a large sum of money, is not reached before then. While it is difficult to verify the hackers’ claims, several cybersecurity experts have confirmed the existence of RansomHub and described the group’s claim about the attack as plausible.
Christie’s initially described the incident as a “technology security issue,” but has since acknowledged that the group accessed parts of its network and took limited amounts of personal data belonging to some of its clients. The auction house emphasized that there is no evidence that any financial or transactional records were compromised.
Cyberattackers Claim Responsibility for Christie’s Auction House Websites Downfall
In its statement, RansomHub claimed that it attempted to negotiate a resolution with Christie’s, but ceased communication midway. The group also threatened that if it posts the data containing information on the auction house’s clients, Christie’s will incur heavy fines under the GDPR (General Data Protection Regulation), a part of European privacy law and human rights law.
RansomHub has also claimed responsibility for a previous cyberattack on Change Healthcare, in which it allegedly stole four terabytes of data containing details on patients. The CEO of Change Healthcare’s parent company, UnitedHealth Group, recently admitted to paying a $22 million ransom to the hackers in an attempt to protect patient data.
Ransomware attacks have become increasingly common, with criminals raking in huge sums of money every year. The FBI has advised against paying a ransom in response to a ransomware attack, as it does not guarantee that data will not be exposed and will only encourage more attacks.
The attack on Christie’s highlights the growing threat of cyberattacks on high-profile institutions. It also underscores the importance of robust cybersecurity measures and the need for companies to prioritize data protection.
