‘Russian’ hackers target Christie’s and threaten to publish private details of half a million clients on the dark web | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

‘Russian’ hackers have targeted luxury auction house Christie’s, downing its website for ten days and threatening to publish the personal details of half a million of its clients on the dark web.

The hack of the London-based firm was confirmed this week as ransomware group RansomHub, which is believed to have links to Russia, claimed responsibility. 

On May 9 Christie’s was forced to take down its site ahead of an auction in New York and cited a ‘technology security incident’. 

The site was down for a total of ten days, with auction catalogues having to be posted on a separate website. 

A statement posted on the dark web by the group read: ‘While utilising access to Christie’s network we were able to gain access to their customers sensitive personal information… for at least 500,000 of their private clients from all over the world.

On May 9 Christie’s was forced to take down its site ahead of an auction in New York and cited a ‘technology security incident’
RansomHub posted on the dark web about the alleged hack and threatened to publish the data of some 500,000 clients

‘We attempted to come to a resonable resolution with them but they ceased communication midway through. It is clear that if this information is posted they will incur heavy fines from GDPR as well as ruining their reputation with the clients and don’t care about their privacy.’

The group then posted an image which the spokesperson claimed showed a sample of the data. It has not been independently verified that the group is responsible.

It claims to have data including full names, place of birth, date of birth, sex and nationality.

Under GDPR laws, firms must disclose when a cyberattack may have compromised personal data belonging to customers, and must pay a hefty fine if they do not.

A spokesperson for Christie’s said: ‘Earlier this month Christie’s experienced a technology security incident. We took swift action to protect our systems, including taking our website offline.

‘Our investigations determined there was unauthorised access by a third party to parts of Christie’s network. They also determined that the group behind the incident took some limited amount of personal data relating to some of our clients. 

‘There is no evidence that any financial or transactional records were compromised.

A sale on May 9 for Christie’s included some of the possessions of former F1 driver Michael Shumacher

‘Christie’s is currently notifying privacy regulators, government agencies as well as in the process of communicating shortly with affected clients.’

Throughout the period the site was down, the auction house’s bidding site remained online, meaning sales were able to go ahead as scheduled.

The latest hack comes after the mastermind behind the world’s most prolific ransomware gang, Lockbit, was unmasked as a Russian hacker.

The National Crime Agency this month identified the Russian national behind the cybercrime group as Dmitry Yuryevich Khoroshev.

He has been sanctioned by the UK, US, and Australia as a result of the unmasking.

‘These sanctions are hugely significant and show that there is no hiding place for cyber criminals like Dmitry Khoroshev, who wreak havoc across the globe,’ Graeme Biggar, Director General of Britain’s National Crime Agency, said in a statement.

‘He was certain he could remain anonymous, but he was wrong’.

According to the US Office of Foreign Assets Control, Khoroshev is 31 and lives in Russia, with details of his sanction designation also listing multiple email addresses and cryptocurrency addresses, alongside his Russian passport details.

The US has also filed an indictment against him.

LockBit was seen as one of the world’s most dangerous ransomware groups and its high-profile victims included the Royal Mail, Boeing, and Porton Down. 

In February, LockBit’s entire ‘command and control’ structure was seized by law enforcement after a joint international operation. 


Click Here For The Original Story From This Source.


National Cyber Security