Cyber Incident Victim: Christie's

On May 9, 2024, Christie’s auction house experienced a cyberattack that forced its official website offline, described by the company as a "technology security issue." The incident occurred days before the start of Christie’s spring auctions, which represent nearly half of its annual revenue. By May 12, the website remained inaccessible, replaced initially by a temporary landing page apologizing for the disruption and promising client updates. The attack disrupted online bidding and registration systems critical for the upcoming marquee sales, which featured high-value artworks like Andy Warhol’s $30 million "Flowers" and Barbara Kruger’s $600,000 conceptual piece. Christie’s employees assured clients visiting its Rockefeller Center galleries that website restoration was "imminent," but the issue persisted through the weekend.

On May 11, CEO Guillaume Cerruti confirmed via email that eight auctions would proceed as scheduled with in-person and phone bidding, though the rare watches sale was postponed to May 14. Christie’s deployed a secondary temporary website using free design tool Shorthand, allowing catalog browsing but not online bidding or registration. The attack marked Christie’s second cybersecurity breach in under a year, following an August 2023 incident where a German firm exposed a data leak revealing artwork locations of wealthy collectors. The spring auctions proceeded amid uncertainty, with artworks totaling $840 million in high estimates on display. No details were provided about the attack’s origin, data compromise, or restoration timeline for full website functionality, and the company did not clarify how online auction components would be reinstated.