Cyberattack at auction house Sotheby's

Sotheby's is known for auctioning high-profile art and luxury items – a total of six billion euros were spent at the house's auctions in 2024. The company has now made public a cyberattack that occurred in July of this year. According to the auction house, names, social security numbers, and bank details were stolen. According to a media report, this data belongs to Sotheby's employees.

The auction house has now made the incident public in a notification to Maine's Attorney General, as required by local laws in such cases. According to this, two residents of the US state of Maine and, literally, "around two" residents of the state of Rhode Island are affected. The exact number of affected individuals is likely still unclear at this point. Sotheby's confirmed to the tech portal Bleepingcomputer that these are exclusively employees of the company (as of October 18, 5:55 PM).

Discovered two months later

The cyberattack reportedly occurred on July 24. However, it was only discovered on September 24. Sotheby's then conducted a thorough investigation of the affected data to clarify exactly which data was stolen by the criminals and to whom the data relates. Sotheby's is offering to cover the costs of 12 months of monitoring of credit and identity data with a credit bureau for individuals whose credit card information was stolen. The perpetrators behind the attack are still unknown at this time.

Data was also recently stolen from the auction house Christie's by the ransomware group RansomHub. The criminals wanted to force Christie's to pay, but the auction house refused. RansomHub later announced on its own website that the data had been auctioned off at an auction by an anonymous buyer for an undisclosed sum.

(nen)