Auction house Christie’s has informed authorities that the data breach caused by a recent ransomware attack impacts the information of roughly 45,000 individuals.
According to information submitted by the company to the Maine Attorney General, the intrusion was discovered on May 9. An investigation showed that the attackers managed to steal some files containing personal information.
Impacted individuals are being notified. The notification letter sample submitted by Christie’s to the Maine AG does not specify what type of data was compromised besides names, driver’s license numbers, and non-driver identification card numbers.
Impacted individuals are being offered identity theft and fraud monitoring services for 12 months, which suggests sensitive personal information was stolen by the hackers.
The RansomHub ransomware group has taken credit for the attack, claiming to have stolen information such as name, birth date, address, and data from identification documents.
The hackers claimed to have stolen information belonging to at least 500,000 Christie’s clients from around the world, but it’s not uncommon for ransomware groups to exaggerate their claims.
On their leak website, the cybercriminals claimed to have sold the data stolen from the auction house. However, Emsisoft threat analyst and ransomware expert Brett Callow has questioned their claims, saying that they likely don’t want to admit not being able to monetize the attack.
Broadcom’s Symantec reported last week that its researchers had found evidence suggesting that the RansomHub ransomware-as-a-service is “very likely an updated and rebranded version of the older Knight ransomware”.
However, Symantec said it’s unlikely that the creators of Knight are also operating RansomHub, noting that the Knight source code was put up for sale in February 2024 after its developers decided to shut down the operation.
Related: Snowflake Data Breach Impacts Ticketmaster, Other Organizations
Related: BBC Data Breach Impacts 25,000 Employees
Related: FBCS Data Breach Impact Grows to 3.2 Million Individuals
