Christie’s Luxury Auction House Targeted by ‘Russian’ Hackers, Threatening to Publish Client Data

Luxury auction house Christie’s was targeted by ‘Russian’ hackers, resulting in the website being down for ten days and the threat of personal details of half a million clients being published on the dark web.

The hack, confirmed by ransomware group RansomHub, forced Christie’s to take down its site on May 9 ahead of an auction in New York. The group claimed responsibility and threatened to release sensitive personal information of 500,000 clients from around the world.

Despite the site being down, the auction house’s bidding site remained online, allowing sales to proceed as scheduled. Christie’s stated that there was unauthorized access by a third party to parts of their network, with limited personal data of some clients being compromised.

The incident has raised concerns about GDPR laws, as firms must disclose cyberattacks that compromise personal data and face hefty fines if they fail to do so. Christie’s is currently notifying privacy regulators and government agencies while communicating with affected clients.

This hack comes after the identification of the mastermind behind the ransomware gang LockBit as Russian hacker Dmitry Yuryevich Khoroshev. He has been sanctioned by the UK, US, and Australia, with the US filing an indictment against him.

The sanctions against Khoroshev highlight the global effort to combat cybercrime and hold individuals accountable for their actions. LockBit was known for targeting high-profile victims such as the Royal Mail, Boeing, and Porton Down before its command and control structure was seized in a joint international operation in February.