Threat Actor: RansomHub | RansomHub
Victim: Christie’s | Christie’s
Price: N/A
Exfiltrated Data Type: Personal information of at least 500,000 Christie’s clients
Additional Information :
- The security breach occurred earlier this month.
- The website of Christie’s was unreachable after the attack.
- Christie’s had problems in selling art and other high-value items worth an estimated $840 million due to the cyberattack.
- Some sales have been delayed due to the cyber attack.
- RansomHub claimed responsibility for the attack and added the company to its Tor leak site.
- RansomHub stated that they had stolen 2GB of sensitive information, including personal information belonging to at least 500,000 Christie’s clients.
- The group is threatening to leak the stolen data if the victim does not pay the ransom by Sunday, June 2024.
- The gang has attempted to negotiate the payment with Christie’s without success.
- The gang added that after they will post stolen data, Christie’s will incur heavy fines from GDPR.
- Christie’s took swift action to protect their systems, including taking their website offline.
- The company spokesperson confirmed that unauthorized access by a third party occurred and a limited amount of personal data relating to some clients was taken.
- The auction house is notifying privacy regulators and law enforcement and will inform impacted clients.
Auction house Christie’s disclosed a data breach after the ransomware group RansomHub threatened to leak stolen data. The security breach occurred earlier this month.
The website of the auction house was unreachable after the attack.
According to BBC, Christie had problems in selling art and other high-value items worth an estimated $840 million due to a cyberattack. The spring auctions include a Vincent van Gogh painting valued at $35 million and rare wine, among other lots.
Some sales have been delayed due to the cyber attack.
RansomHub claimed responsibility for the attack and added the company to its Tor leak site. The extortion group said they had stolen 2GB of sensitive information, including personal information belonging to at least 500,000 Christie’s clients.
“While utilizing access to Christies network we were able to gain access to their customers sensitive personal information including [BirthPlace MRZFull DocumentNumber BirthDate ExpiryDate FirstName LastName IssueDate IssuingAuthority Sex DocumentCategory DocumentType NationalityName] as well as address, hieght, race and much more sensitive information for at least 500,000 of their private clients from all over the world.” states the group.
The group is threatening to leak the stolen data if the victim will not pay the ransom by Sunday, June 2,024.
The gang said it has attempted to negotiate the payment with the auction house without success. The gang added that after they will post stolen data, Christie will incur heavy fines from GDPR.
“Earlier this month Christie’s experienced a technology security incident. We took swift action to protect our systems, including taking our website offline” “Our investigations determined there was unauthorized access by a third party to parts of Christie’s network.” a company spokesman told BleepingComputer. “They also determined that the group behind the incident took some limited amount of personal data relating to some of our clients.”
The auction house is notifying privacy regulators and law enforcement, it is also going to inform impacted clients.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, data breach)
Original Source: https://securityaffairs.com/163808/cyber-crime/christie-data-breach.html