Skip to main content

Hacker group says it carried out Christie’s cyberattack

A hacker group has claimed responsibility for a cyberattack that targeted auction house Christie’s earlier this month, the New York Times reported on Monday.

The attack, which disrupted the auction house’s website, took place just before the start of its high-profile spring sales event involving more than $850 million worth of art, forcing Christie’s to suspend online bidding and accept offers only by phone or in person.

At the time, Christie’s described it as a “technology security issue,” but now a hacker group called RansomHub has claimed that it was behind the cyberattack.

The group claimed in a post on the dark web on Monday that it had accessed sensitive information about wealthy art collectors from around the world, and threatened to release the data at the end of May if an agreement — presumably involving a large sum of money — isn’t reached before then.

The New York Times said in its report that it was “not immediately possible to verify RansomHub’s claims,” but added that a number of cybersecurity experts confirmed the existence of RansomHub and described the group’s claim about the attack as “plausible.”

Commenting on the incident, a spokesperson for Christie’s said in a release: “Our investigations determined there was unauthorized access by a third party to parts of Christie’s network. [We] also determined that the group behind the incident took some limited amount of personal data relating to some of our clients. There is no evidence that any financial or transactional records were compromised.”

In its message on the dark web seen by the New York Times, the hacker group said it had “attempted to come to a reasonable resolution with [Christie’s], but they ceased communication midway through.”

The group added that if it posts the data containing information on the auction’s house’s clients, Christie’s “will incur heavy fines” under the GDPR (General Data Protection Regulation), a part of European privacy law and human rights law.

RansomHub also claimed to be behind a cyberattack on Change Healthcare earlier this year in which it said it managed to steal four terabytes of data containing details on patients. Earlier this month, the CEO of Change Healthcare parent UnitedHealth Group admitted to paying a $22 million ransom to the hackers in a bid to protect patient data.

Ransomware attacks are becoming increasingly common, with criminals raking in huge sums of money every year. The FBI has said it does not support paying a ransom in response to a ransomware attack, as it doesn’t guarantee that data will not be exposed and will only encourage more attacks.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
This anti-hacker group helps you escape ransomware for free
A depiction of a hacked computer sitting in an office full of PCs.

This week marks the sixth anniversary of the No More Ransom project, an initiative aimed at helping ransomware victims.

Operating as an online platform to help anyone who’s experiencing trouble after their system has been infected by some form of ransomware, No More Ransom was formed as a joint venture between law enforcement (Europol and the Dutch National Police) alongside IT security firms (Kaspersky and McAfee).

Read more
Cyberattacks have nearly doubled since last year, report says
Cybersecurity is a constant battle.

A recent analysis by fraud-buster and cybersecurity company Seon found that cyberattacks have nearly doubled since last year. Given that the number of people using the internet worldwide is creeping upward quite slowly by comparison, that means the odds that you'll be affected are increasing rapidly. It's time to double-check your security settings.

The most common cyberattacks reported were ransomware, phishing, and malware. Ransomware refers to software that threatens you with data loss or the sharing of personal information if a payment isn't made. Malware is similar but takes direct action to gain unauthorized access to your data, storage, and computer-processing power.

Read more
Chinese hackers use VLC media player to launch cyberattacks
A large monitor displaying a security hacking breach warning.

Researchers discovered that Chinese hackers have been using VLC Media Player to launch cybersecurity attacks.

The hacker group, allegedly affiliated with the Chinese government, uses the popular video player to deploy malware on the targeted computer.

Read more