'Cyberattack' shutters Christie's website days before $840M art mega-auction
Going once, going twice, going offline
Christie's website remains offline as of Monday after a "technology security issue" shut it down Thursday night – just days before the venerable auction house planned to flog $840 million of art.
As of Friday morning and still today, Christie's redirects visitors to a temporary website, reportedly due to a cyberattack. It's not thought, at the moment, that any customer data has been stolen.
The temporary site right now has the following message on it:
We apologize that our full website is currently offline. We are looking to resolve this as soon as possible and regret any inconvenience.
In a statement to the media, Christie's confirmed "a technology security issue has impacted some of our systems, including our website." The auction house did not immediately respond to The Register's inquiries on how the digital intruders broke in, what data (if any) they stole, and when Christie's expected to have its main website back online.
Christie's did confirm its art mega-sale would continue as planned this Tuesday, but with bidding in person and by phone — not online. "We are looking forward to welcoming you to our exhibitions and to registering you to participate in these auctions," CEO Guillaume Cerruti said.
The latest security snafu comes less than a year after Christie's inadvertently leaked location data belonging to hundreds of high-end art owners seeking to sell their paintings at auction.
That blunder, which came to light in August, was basically a privacy oversight by Christie's website, which allowed would-be customers to upload photos of the art they were seeking to sell.
As noticed by some clever clogs, some of these uploads included precise GPS coordinates revealing the exact location of some very pricey pieces. These physical addresses — which could guide would-be thieves to the buildings where the art resided — were publicly available to anyone online via the Christie's website, which had failed to strip out this location metadata from submitted snaps.
Christie's said it has addressed that error. Another security slip-up, however, isn't a good look for the British auction house.
- Europol confirms incident following alleged auction of staff data
- Cybercriminals hit jackpot as 500k+ Ohio Lottery lovers lose out on their personal data
- CISA boss: Secure code is the 'only way to make ransomware a shocking anomaly'
- AI red-teaming tools helped X-Force break into a major tech manufacturer 'in 8 hours'
Meanwhile, cybercriminals continue their all-out assault on organizations across the globe, with recent break-ins and data-theft incidents hitting a wide range of targets from Europol to the Ohio Lottery.
These types of high-profile compromises were a hot topic of discussion among US officials and private-sector security firms alike at last week's RSA Conference.
According to Jen Easterly, director of the US government's CISA, the only way to make cyberattacks, including ransomware infections, a "shocking anomaly" is by holding technology makers — not end users — accountable for making their products more secure. ®
Updated to add on May 13
Christie's has been in touch again with some more details:
Looking ahead, we are pleased to confirm all our live auctions this week will take place as scheduled, with the exception of the Rare Watches sale in Geneva that we postponed by one day to tomorrow, 14th May.
Our marketing teams have designed and built a new website environment to host content for our live auctions including sales information, catalogues and essays. Our Christie's YouTube channel is also available with virtually all our video content for this week’s Luxury and 20/21 sales, as well as our other social media channels. While our usual website remains offline, our clients will be able to bid securely in person, on the phone, by absentee bid and online via Christie’s LIVE.
PS: UK newspaper publisher Newsquest, which is behind titles from the Oxford Mail and Southampton's Daily Echo to the Glasgow Times and Lancashire Telegraph, had its websites defaced by miscreants claiming to be Russian hackers over the weekend.