Ransomware Attack on Christie's Auction House

Company Profile

Christie's Auction House, founded in 1766 by James Christie, is a British company that has established itself as one of the world's premier art auction houses. Specializing in fine art, jewelry, antiques, and collectibles, Christie's boasts a significant global presence with salerooms in cities such as London, New York, Paris, and Hong Kong. In 2022, the company achieved a record-breaking $8.4 billion in sales of art and luxury goods.

Ransomware Attack Overview

The RansomHub ransomware group targeted Christie's Auction House through their website. The attackers claimed to have leaked personal information of 500,000 clients following a ransomware attack during an $840 million auction event. Christie's confirmed the data breach and subsequently took its website offline to investigate the incident. The company indicated that only a limited amount of personal data was accessed, with no financial records compromised.

Ransomware Group Profile

RansomHub is a new ransomware group known for its distinct approach of making claims and backing them up with data leaks. Operating as a Ransomware-as-a-Service (RaaS) group, RansomHub affiliates receive a substantial portion of the ransom money. Their ransomware strains, written in Golang, distinguish them in the ransomware landscape.

Company Vulnerabilities

As a renowned and high-profile entity in the art auction industry, Christie's Auction House is a prime target for threat actors like RansomHub. The company's extensive client base and valuable assets make it an appealing target for ransomware attacks. Moreover, the nature of Christie's operations, which involve high-value transactions and sensitive client information, heightens the risk of cyber threats.

Sources:

• Christie's Corporate Entities
• Bloomberg - Christie's Cyberattack
• Sotheby's - Auction News