Christie’s [1] [2] [3] [4] [5] [6] [7] [8] [9], a prominent UK-based auction house, recently experienced a cyberattack that disrupted their website [3], affecting online viewing of high-value items worth an estimated $840m.


The cyberattack on Christie’s website prevented online viewing of high-value items [1], including a $35m Vincent van Gogh painting and rare wine [7] [8]. CEO Guillaume Cerutti described the incident as a “technology security incident” and confirmed that auctions proceeded as planned, except for the Rare Watches sale in Geneva [4], which was delayed. Despite the website being offline [1], bids could still be placed over the phone and in-person [1] [6] [8] [9]. The outage occurred just before their annual art auction week, but a charity auction raised funds for Duchenne muscular dystrophy [1] [8]. Christie’s New York auctions featuring works by Picasso, O’Keefe [1], and Warhol will proceed as scheduled, with online bidding available through Christie’s Live service [1]. The full extent of the attack remains unclear [2], but security experts speculate that it may be related to market manipulation to impact auction prices [3]. Christie’s has assured that well-established protocols are in place to manage such incidents and has created a temporary website for upcoming auction information. The auction house also has additional sale rooms in various locations worldwide [9], with its primary location in London [9]. Previous cybersecurity issues [4] [7], such as a vulnerability exposing photo uploader locations and threat actors targeting payment card details on Sotheby’s websites [4], have been reported [3] [4].


The cyberattack on Christie’s website highlights the importance of robust cybersecurity measures in the art auction industry. While the incident caused disruptions, auctions were able to proceed through alternative bidding methods. Moving forward, Christie’s will need to continue enhancing its security protocols to prevent future attacks and safeguard valuable assets.