May 28, 2024 - Technology

Ransomware gang claims Christie's hack

Illustration of an ornate frame around a gold safe

Illustration: Natalie Peeples/Axios

The RansomHub ransomware gang has taken credit for a cyberattack against renowned art auction house Christie's.

Why it matters: Christie's has yet to call the cyber "incident" a ransomware attack.

  • The auction house returned its website and app to full functionality this month after battling a cyberattack.

Zoom in: RansomHub claimed in a dark web listing seen by Axios on Monday that it stole 2 gigabytes' worth of information from Christie's, including at least 500,000 private clients' sensitive information.

  • A screenshot of the stolen data that RansomHub posted on its site suggests that some of the information includes passport numbers, birthdays and full names.

Between the lines: Ransomware gangs often name and shame their victims on their dark web site to pressure them into paying a hefty ransom.

  • Gangs typically promise not to leak any stolen data and to provide a decryption key when a victim pays a ransom.

Yes, but: Many cybercriminal gangs are known to go back on their promises.

The intrigue: RansomHub is also trying to pressure Christie's into paying a ransom by suggesting the company will face hefty regulatory fines if the stolen data is published.

  • "It is clear that if this information is posted they will incur heavy fines from GDPR as well as ruining their reputation with their clients and don't care about their privacy," the gang wrote in the post.

The big picture: RansomHub is a relatively new but quickly growing ransomware gang. Its first attack was in February.

  • Last month, the gang also listed stolen data from the Change Healthcare ransomware attack for sale.
Go deeper