Connect with us

Hi, what are you looking for?


Data Breaches

Christie’s Confirms Data Breach After Ransomware Group Claims Attack

Auction house Christie’s has confirmed suffering a data breach following a ransomware attack launched earlier this month.

Christie's ransomware data breach

Auction house Christie’s has confirmed suffering a data breach after a ransomware group on Monday threatened to leak information stolen from the company.

Christie’s website went offline earlier this month due to what the company described at the time as a “technology security incident”. The cyberattack was launched just as the auction house was attempting to sell high-value items worth an estimated $840 million. 

While the incident prevented potential buyers from viewing the auctioned items on Christie’s site, people could still make bids and the event was considered a success.

It now appears that the incident was the result of an attack conducted as part of a relatively new ransomware operation named RansomHub

The cybercrime group emerged in February 2024 and made headlines in recent weeks after it started leaking data allegedly stolen from healthcare transactions processor Change Healthcare.

RansomHub listed Christie’s on its Tor-based leak website — along with a few other organizations — on Monday. 

The cybercriminals claim to have stolen 2 Gb of data from the auction house and are threatening to make it public in less than a week unless a ransom is paid. 

The black hat hackers claim to have stolen “sensitive personal information” belonging to “at least 500,000 [of Christie’s] private clients from all over the world”.

A screenshot posted by the hackers suggests that they have obtained a database containing personal information such as name, date of birth, address, nationality, and data from identification documents such as passports. 

Advertisement. Scroll to continue reading.

“We attempted to come to a reasonable resolution with them but they ceased communication midway through,” the ransomware group said. “It is clear that if this information is posted they will incur heavy fines from GDPR as well as ruining their reputation with their clients and don’t care about their privacy.”

In a statement to SecurityWeek, Christie’s said the company experienced a technology security incident earlier this month and took swift action to protect its systems, which included taking its website offline. 

“Our investigations determined there was unauthorized access by a third party to parts of Christie’s network. They also determined that the group behind the incident took some limited amount of personal data relating to some of our clients. There is no evidence that any financial or transactional records were compromised,” a Christie’s spokesperson said.

“Christie’s is currently notifying privacy regulators, government agencies as well as in the process of communicating shortly with affected clients,” the Christie’s spokesperson added.

Related: OmniVision Says Personal Information Stolen in Ransomware Attack

Related: Nissan Data Breach Impacts 53,000 Employees

Related: Personal Information Stolen in City of Wichita Ransomware Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.


The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.


People on the Move

Cisco has appointed Sean Duca as CISO and Practice Leader for the APJC region.

Megan Samford named Chief Security Officer of Schneider Electric's US National Security Agreements & US Federal Business.

Amir Gabrieli has been named the new Vice President of Product at Mitiga.

More People On The Move

Expert Insights