Connect with us

World

Christie’s website hack shows how art world has become target for cybercrime

Published

on

Christie’s website hack shows how art world has become target for cybercrime

A ransomware hack was the last thing the precarious fine art market needed – but that’s what it got when Christie’s website went down days before it began its all-important 20th and 21st century May auctions in New York.

Guillaume Cerutti, CEO of the French-owned auctioneer, gently called the attack a “technology security incident”. Christie’s posted its auction catalogs on a separate site, the sale went ahead with sales of $640m, and 10 days later the website came back to life.

But that wasn’t the end of it. The reality of the hack was far from an “incident” and has sent shock waves through some of the art world’s richest people in the latest example of how cybercrime – and especially stealing personal information – is becoming a boom industry.

The cyber-extortionist group RansomHub has now claimed responsibility for the hack in a message on the dark web, and with it a sample of information it claimed to have access to “sensitive personal information … for at least 500,000 of their private clients from around the world”.

The hacker’s message included a countdown clock to when, the extortionist threatened, they would release the data they had stolen. But they also said they had “attempted to come to a reasonable resolution” until Christie’s negotiations with the gang had been cut off abruptly.

Christie’s, which reported global sales of $6.2bn last year, has stressed that it had found no evidence that the hackers had compromised “any financial or transactional records”, and taken only “a limited amount of personal data”.

It’s not the first time that auctioneers, dealers and art fairs have been hit by cyber-attacks. In 2021, dealers at Art Basel received a warning that their information may have been exposed.

Last year Christie’s accidentally exposed the location data for hundreds of consigned works. The Art Newspaper reported in 2017 that the clients of nine galleries were hit with straightforward phishing operation using fake invoices involving a scammer impersonating a figure at a gallery to get payment from a collector for an artwork.

“Although the most recent Christie’s breach may not involve financial information, it may contain contact information for their high net-worth clients – and that’s potentially worrisome because it could lead to the commission of further cybercrime,”said Dr Chris Pierson, CEO of BlackCloak, a company that specializes in securing the digital lives of high-profile figures and their families.

“The main issue for Christie’s is reputational and they need to get ahead of it in terms of communication with their clients and make sure they know what information is out there so they can protect themselves and to know what Christie’s is doing to make sure this does not happen again,” Pierson added.

But any kind of exposure is unwelcome. The art market relies on discretion and opacity. For dealers, both private and public salesrooms, success depends on matching buyers to sellers, and the knowledge of who has got what and who is looking to buy.

But that information is unlikely to be in a database, says one knowledgable private dealer, because it’s the province of specialists who jump from one auction house to another, or to a private gallery, on the basis of that knowledge. Last week, for example, it was announced that Sotheby’s Brooke Lampley, the auctioneer’s global chairman and head of global fine art, who had previously led Christie’s impressionist and modern team, was joining Gagosian.

Still, warned the art market lawyer Thomas C. Danziger to ARTnews, “to a savvy hacker, the Monet consignor’s personal data may be worth as much as his bank PIN code”.

But mega-wealthy art buyers and sellers often operate behind a system of agents and advisers, and dealers this month said it was noticeable that the auctions were sparsely attended and bidding was thin – suggesting that buyers were already in place for the big-ticket works and many through a system of third-party guarantees.

“They were pulling bids off the chandeliers,” says one private dealer.

The opacity of that system was the central issue in a New York lawsuit this year when the Russian billionaire art collector Dmitry Rybolovlev lost a legal fight with Sotheby’s over his claim that the auctioneer colluded with a Swiss art dealer who was collecting fees as both dealer and agent and, Rybolovlev claimed, cheated him out of over $160m.

The threat of art fraud, often involving false provenance, has helped to create an growing industry of security specialists, some offering AML (anti-money laundering), anti-sanctions busting and KYC or “know your client” services.

RansomHub, the extortion group attempting to shakedown Christie’s, is one of about 30 different gangs that incestuously change their names and affiliations and operate out of Russia or the former Soviet bloc.

BlackCloak’s Pierson says the decision to pay or not pay the ransom demands is a business decision.

“In this case, if Christie’s is up and running and this is just an extortion attempt to prevent being named or names being released then a ransom payment is less likely because this is more of a reputational issue,” said Pierson.

Private dealers are hoping that problems at public auction houses will shift the business their way. But art sales across both are tough to find. New York’s May sales were down 50% from 2022. Sotheby’s is set for job losses in London, with further cuts likely at locations in Europe and New York.

Christie’s, owned by Francois Pinault, has not announced similar measures, but much of art the business is also moving behind closed doors. Dealer Larry Gagosian has clearly taken note: his latest show, Icons from a Half Century of Art, is strictly by appointment.

Continue Reading