Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Christie’s Says Ransomware Attack Impacts 45,000 People

Auction house Christie’s says the data breach caused by the recent ransomware attack impacts the information of 45,000 individuals.

Christie's ransomware data breach

Auction house Christie’s has informed authorities that the data breach caused by a recent ransomware attack impacts the information of roughly 45,000 individuals.

According to information submitted by the company to the Maine Attorney General, the intrusion was discovered on May 9. An investigation showed that the attackers managed to steal some files containing personal information. 

Impacted individuals are being notified. The notification letter sample submitted by Christie’s to the Maine AG does not specify what type of data was compromised besides names, driver’s license numbers, and non-driver identification card numbers. 

Impacted individuals are being offered identity theft and fraud monitoring services for 12 months, which suggests sensitive personal information was stolen by the hackers. 

The RansomHub ransomware group has taken credit for the attack, claiming to have stolen information such as name, birth date, address, and data from identification documents. 

The hackers claimed to have stolen information belonging to at least 500,000 Christie’s clients from around the world, but it’s not uncommon for ransomware groups to exaggerate their claims.

On their leak website, the cybercriminals claimed to have sold the data stolen from the auction house. However, Emsisoft threat analyst and ransomware expert Brett Callow has questioned their claims, saying that they likely don’t want to admit not being able to monetize the attack. 

Broadcom’s Symantec reported last week that its researchers had found evidence suggesting that the RansomHub ransomware-as-a-service is “very likely an updated and rebranded version of the older Knight ransomware”.

However, Symantec said it’s unlikely that the creators of Knight are also operating RansomHub, noting that the Knight source code was put up for sale in February 2024 after its developers decided to shut down the operation. 

Advertisement. Scroll to continue reading.

Related: Snowflake Data Breach Impacts Ticketmaster, Other Organizations

Related: BBC Data Breach Impacts 25,000 Employees

Related: FBCS Data Breach Impact Grows to 3.2 Million Individuals

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

More People On The Move

Expert Insights