Christie’s says breach impacted significantly fewer victims than hackers claimed


The famous auction house Christie’s has revealed the real number of individuals impacted by the latest data breach that temporarily rendered its website unavailable.

Christie's website was shut down by hackers just before a huge sales day in May, which was expected to yield around $840 million.

The ransomware cartel RansomHub claimed that the breach on Christie’s and posted information about the attack on their dark web forum, stating that they had obtained the sensitive data of 500,000 individuals.

The information supposedly obtained by RansomHub includes:

  • Names
  • Surnames
  • Dates of birth
  • Document numbers
  • Document expiration dates
  • Nationalities
  • Other personal information

RansomHub is a relatively new player in the ransomware ecosystem, having posted its first victim in February 2024. Analysts claim that the gang’s setup closely resembles a traditional Russian ransomware setup, with the gang avoiding targets in Russia, CIS countries, Cuba, North Korea, and China.

Contrary to RansomHub claims, an attorney associated with Christie’s has published a report on the Office of the Maine Attorney General's website stating that approximately 45,000 individuals have been affected by the breach – significantly lower than the hackers originally stated.

Furthermore, the information that Christie’s claimed was compromised during the breach differs from what RansomHub claims to have obtained.

The information impacted by the Christie’s breach includes:

  • Names
  • Other personal identifiers
  • Driver’s licenses
  • Non-driver identification card numbers

In a breach notification letter, Christie’s states, “On May 9th, 2024, we discovered that we were the victim of a cybersecurity incident that impacted some of our systems. As soon as we became aware of this event, we promptly took steps to secure our environment, launched an investigation, and engaged external cybersecurity experts to assist.”

“The investigation revealed an unauthorized actor accessed some of our systems and certain files stored therein between May 8th, 2024, and May 9th, 2024, and some files were copied from those systems on May 9th, 2024.”

As a precautionary measure, Christie’s is offering those affected by the breach a 12-month subscription to CyEx Identity Defense Total, which is an identity theft and fraud monitoring service.


More from Cybernews:

NewsBreak app under scrutiny for fake AI stories, ties to China

New York Times source code leak on 4Chan, days after Disney leak

Russian cyber operations are largest threat to Olympics, Google warns

More ethical hackers sounding alarm bells after trying out Microsoft Recall

Rare Xbox could yield British charity thousands 

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked