A hacker group has claimed responsibility for a cyberattack that targeted auction house Christie’s earlier this month, the New York Times reported on Monday.
The attack, which disrupted the auction house’s website, took place just before the start of its high-profile spring sales event involving more than $850 million worth of art, forcing Christie’s to suspend online bidding and accept offers only by phone or in person.
At the time, Christie’s described it as a “technology security issue,” but now a hacker group called RansomHub has claimed that it was behind the cyberattack.
The group claimed in a post on the dark web on Monday that it had accessed sensitive information about wealthy art collectors from around the world, and threatened to release the data at the end of May if an agreement — presumably involving a large sum of money — isn’t reached before then.
The New York Times said in its report that it was “not immediately possible to verify RansomHub’s claims,” but added that a number of cybersecurity experts confirmed the existence of RansomHub and described the group’s claim about the attack as “plausible.”
Commenting on the incident, a spokesperson for Christie’s said in a release: “Our investigations determined there was unauthorized access by a third party to parts of Christie’s network. [We] also determined that the group behind the incident took some limited amount of personal data relating to some of our clients. There is no evidence that any financial or transactional records were compromised.”
In its message on the dark web seen by the New York Times, the hacker group said it had “attempted to come to a reasonable resolution with [Christie’s], but they ceased communication midway through.”
The group added that if it posts the data containing information on the auction’s house’s clients, Christie’s “will incur heavy fines” under the GDPR (General Data Protection Regulation), a part of European privacy law and human rights law.
RansomHub also claimed to be behind a cyberattack on Change Healthcare earlier this year in which it said it managed to steal four terabytes of data containing details on patients. Earlier this month, the CEO of Change Healthcare parent UnitedHealth Group admitted to paying a $22 million ransom to the hackers in a bid to protect patient data.
Ransomware attacks are becoming increasingly common, with criminals raking in huge sums of money every year. The FBI has said it does not support paying a ransom in response to a ransomware attack, as it doesn’t guarantee that data will not be exposed and will only encourage more attacks.
