NEW YORK: A hacker group called RansomHub has claimed responsibility for a cyberattack that crippled the website of auction house Christie's just days before its marquee US spring sales, according to The New York Times.
The collective said in a post on the dark web it had accessed private data from the world's richest art collectors, the Times reported, and would release it by the end of May.
The hackers posted examples of names and birthdays but it was not immediately clear if they had accessed financial data, client addresses or other more sensitive information.
The attack – which Christie's described as a "technology security issue" – forced the auction house offline days before it was planning on auctioning around $640 million worth of art.
The portal was hobbled for the entirety of the critical sales week, although the iconic auction house was able to set up a new website for live auctions.
A Christie's spokesman said investigations had determined that there was a security breach of "parts of" the company's network, and that the group behind the incident took "some limited amount" of clients' personal data.
"There is no evidence that any financial or transactional records were compromised," he added.
In their dark web post, the hackers said Christie's had failed to pay a ransom and cut off communication as they were attempting to come to a "reasonable resolution" with the auction house, according to the Times.
"It is clear that if this information is posted they will incur heavy fines from GDPR as well as ruining their reputation with their clients," the RansomHub post reportedly said.
The European Union's General Data Protection Regulation requires companies to report cyberattacks that might have compromised the sensitive data of clients. Violations can bring fines in excess of $20 million. --AFP