Cyber Incident Victim: Rijksmuseum Twenthe
Date: Jan 2020
Location: Netherlands
Summary
Hackers impersonated a London art dealer during email negotiations over a John Constable painting purchase, intercepting communications between the legitimate dealer and Rijksmuseum Twenthe. The fraudsters deceived the Dutch museum into transferring £2.4 million to a fraudulent Hong Kong bank account instead of the intended recipient. This resulted in significant financial loss for the institution, compounded by an unsuccessful legal attempt to recover damages when a court later ruled against the museum's claim.
Description
Fraudsters impersonated Simon C. Dickinson Ltd., a London art dealer, during email negotiations with Rijksmuseum Twenthe regarding the purchase of a John Constable painting. The attackers infiltrated months of email communications between the museum and the legitimate art dealer, positioning themselves as intermediaries in the transaction. They successfully redirected the museum’s payment instructions, convincing staff to transfer £2.4 million ($3.1 million) to a fraudulent bank account in Hong Kong instead of the genuine recipient. The deception remained undetected until after the funds were irreversibly sent, indicating the attackers maintained persistent access to communication channels throughout the negotiation period. No technical intrusion methods or compromised systems were detailed in available reports, though the attack exhibited characteristics of a business email compromise scheme targeting financial transactions.

The museum suffered an immediate financial loss equivalent to the full transaction value. Rijksmuseum Twenthe subsequently pursued legal recourse to recover damages, filing a lawsuit related to the fraudulent transfer. On January 30, 2020, a court ruling rejected the museum’s claim for compensation, compounding the financial impact with unsuccessful litigation expenses. The incident disrupted the museum’s acquisition plans for the Constable artwork, though the article does not specify whether the purchase was ultimately completed through legitimate channels. No public statements from the museum regarding operational changes or security enhancements following the fraud were documented in the source material.
