• About
  • Landing Page
  • Buy JNews
SB Crypto Guru News- latest crypto news, NFTs, DEFI, Web3, Metaverse
  • HOME
  • BITCOIN
  • CRYPTO UPDATES
    • GENERAL
    • ALTCOINS
    • ETHEREUM
    • CRYPTO EXCHANGES
    • CRYPTO MINING
  • BLOCKCHAIN
  • NFT
  • DEFI
  • WEB3
  • METAVERSE
  • REGULATIONS
  • SCAM ALERT
  • ANALYSIS
No Result
View All Result
  • HOME
  • BITCOIN
  • CRYPTO UPDATES
    • GENERAL
    • ALTCOINS
    • ETHEREUM
    • CRYPTO EXCHANGES
    • CRYPTO MINING
  • BLOCKCHAIN
  • NFT
  • DEFI
  • WEB3
  • METAVERSE
  • REGULATIONS
  • SCAM ALERT
  • ANALYSIS
No Result
View All Result
SB Crypto Guru News- latest crypto news, NFTs, DEFI, Web3, Metaverse
No Result
View All Result

Christie’s hit with class action lawsuit over exposure of clients’ personal data in cyberattack

SB Crypto Guru News by SB Crypto Guru News
June 4, 2024
in NFT
0 0
0
Christie’s hit with class action lawsuit over exposure of clients’ personal data in cyberattack



The fallout of the cyberattack against Christie’s is intensifying. A client of the international auction house filed a class action complaint in the Southern District of New York yesterday (3 June) over Christie’s inability to protect the “personally identifiable information” (PII) of what are estimated to be at least 500,000 current and former bidders registered in its databases.

The complaint requests damages, including of the “actual, nominal, statutory, consequential and punitive” varieties, in an amount to be determined in a jury trial, as well as the payment of the plaintiff’s legal expenses. It also seeks court orders that would require Christie’s to undertake a long list of actions related to its client data and information security, including encrypting large tranches of its business-related data, removing sensitive personal information on its clients from cloud-based storage and conducting regular tests of its data security measures.

The only plaintiff currently named is Efstathios Maroulis, who the complaint defines only as a resident and citizen of Dallas, Texas. At the time of writing, a LinkedIn profile matching Maroulis’s name and locale listed its owner as the vice president and general manager of dental analytics and patient experience at a subsidiary of Henry Schein, a publicly traded, US-based supplier of dental and medical supplies.

A Christie’s spokesperson declined to comment on the lawsuit, citing the auction house’s policy on abstaining from public discussions of litigation. Milberg Coleman Bryson Phillips Grossman, the law firm representing Maroulis, had not responded to a request for comment by publication time. A message to the LinkedIn profile believed to belong to Maroulis also went unanswered.

From the dark web to data brokers

The complaint portrays the breach as “a direct result of [Christie’s] failure to implement adequate and reasonable cyber-security procedures and protocols necessary to protect consumers’ PII from a foreseeable and preventable cyberattack”. It goes on to allege that “data thieves have already engaged in identity theft and fraud and can in the future commit a variety of crimes” with the purloined information, which is now known to include customers’ full names, genders, birthdates, birthplaces and a variety of information from the identification pages on their passports, such as document numbers, expiration dates, issuing countries and barcode-like “machine-readable zones” (MRZs).

RansomHub, a network of hackers, claimed responsibility on 27 May for the cyberattack on Christie’s. The group said it would release the stolen data on the dark web unless the auction house paid an undisclosed sum before mid-day on 3 June; the deadline passed without any evidence of further action on RansomHub’s part, according to Bloomberg. The group also threatened to hold an auction for Christie’s data shortly after it took credit for the breach, though the outcome of that measure—or whether it happened at all—remained unclear by publication time.

Nonetheless, Christie’s clients are now threatened by multiple forms of identity theft, according to Maroulis’s lawsuit. These range from the obvious, such as the prospect of bad actors opening fraudulent financial accounts and taking out loans in the names of the exposed clients, to the less intuitive, including using the exposed parties’ data to illegally secure government benefits, acquire driver’s licences pairing Christie’s clients’ names with alternate photographs and “giving false information to police during an arrest”.

These risks may seem exaggerated to sceptics who have read the now-widely-circulated email sent by the auction house to affected customers on 30 May. Although Christie’s verified the exposure of the types of personal information later referenced in Maroulis’s lawsuit, the firm stated that the hackers acquired no financial details, transaction-related information, photos, signatures or additional contact information related to its clientele.

Yet Maroulis’s complaint complicates this picture somewhat. It describes how hackers with at least two forms of personally identifiable information can “marry” those illegally acquired details with data publicly available elsewhere to “assemble complete dossiers on individuals” with “an astonishingly complete scope and degree of accuracy”. These fleshed-out packages, called “fullz” in hacker circles, typically bring considerably higher prices on the dark web than partial records thanks to their considerably higher utility in perpetrating identity theft.

Beyond these malicious possibilities, the lawsuit expands the scope of alleged harm in a new and somewhat curious direction: that of legitimate data brokers, or intermediaries who aggregate and sell legally obtained information on potential customers to other businesses. The complaint alleges that data brokering comprises a $200bn market—and that Christie’s clients can no longer voluntarily sell their personal data in it at full value because that data has already been exposed by the RansomHub breach. Worsening the alleged injury, information on the auction house’s customers “may also fall into the hands of companies that will use [it] for targeted marketing” without their approval.

Disclosure and diminishment

The complaint takes aim at Christie’s communications with its clientele after the breach, too. The lawsuit argues that the 30 May email from Christie’s to its impacted customers omitted any information about the specific perpetrators of the cyberattack, the date on which it occurred, the means by which it was executed and the steps being taken to prevent similar incidents in the future. After adding that the auction house provided no additional details on these matters before the filing, the complaint states: “This ‘disclosure’ amounts to no real disclosure at all.”

Furthermore, it accuses the auction house of failing to follow up with the impacted clients to see if their data had been misused in any way since the breach, neglecting to say whether such misuses should be reported to Christie’s and declining to provide any mechanism to report these problems. The plaintiff alleges that being kept uninformed on the above fronts leaves the auction house’s customers “severely diminished” in their capacity to limit the harm that might be done to them as a result of the breach.

(In the 30 May email, Christie’s noted that it had reported the breach to “all relevant authorities”, including the UK police and the FBI, as well as “relevant data protection regulators globally”; it also offered all affected clients in eligible jurisdictions one year of identity theft and data monitoring services at no cost.)

The purported harm done to Christie’s clients becomes personalised late in the filing, where Maroulis alleges that he has received an increased number of spam calls, texts and emails since the cyberattack. He is described as “very careful about sharing his sensitive PII”—so much so that he “would not have entrusted” it to the auction house had he known of its “lax data security policies”. The complaint states that, for Maroulis and the rest of Christie’s customers, “time is highly valuable and irreplaceable”, meaning their attempts to safeguard themselves from the consequences of the cyberattack have already resulted in actual losses.

The breach has also, according to the complaint, caused Maroulis “to suffer fear, anxiety and stress, which has been compounded by the fact that [Christie’s] has still not fully informed him of key details about the data breach’s occurrence”. It remains to be seen how many of the auction house’s other clients will express similar feelings by joining the class action in the days and weeks ahead.



Source link

Tags: actionBitcoin NewsChristiesClassClientsCrypto NewsCrypto UpdatesCyberattackDataExposureHitLatest News on CryptolawsuitPersonalSB Crypto Guru News
Previous Post

How to Successfully Implement DEI Initiatives

Next Post

Core Scientific Soars on AI Deal and $1B Buyout Offer

Next Post
Core Scientific Soars on AI Deal and B Buyout Offer

Core Scientific Soars on AI Deal and $1B Buyout Offer

  • Trending
  • Comments
  • Latest
The Metaverse is Coming Back! – According to Meta

The Metaverse is Coming Back! – According to Meta

February 7, 2025
How to Get Token Prices with an RPC Node – Moralis Web3

How to Get Token Prices with an RPC Node – Moralis Web3

September 3, 2024
AI & Immersive Learning: Accelerating Skill Development with AI and XR

AI & Immersive Learning: Accelerating Skill Development with AI and XR

June 4, 2025
5 Proven XR and AI Training Use Cases for Enterprises

5 Proven XR and AI Training Use Cases for Enterprises

June 2, 2025
Meta Pumps a Further  Million into Horizon Metaverse

Meta Pumps a Further $50 Million into Horizon Metaverse

February 24, 2025
Samsung Unveils ‘Moohan’ to Compete with Quest, Vision Pro

Samsung Unveils ‘Moohan’ to Compete with Quest, Vision Pro

January 29, 2025
Bitcoin Hashprice Nears 5-Month High After Record Difficulty Drop Since China Ban

Bitcoin Hashprice Nears 5-Month High After Record Difficulty Drop Since China Ban

0
SEC approves Grayscale’s conversion of BTC, ETH, SOL, XRP fund into an ETF

SEC approves Grayscale’s conversion of BTC, ETH, SOL, XRP fund into an ETF

0
Deutsche Bank Plans 2026 Crypto Custody Debut: Are Top Banks Warming Up To Web3?

Deutsche Bank Plans 2026 Crypto Custody Debut: Are Top Banks Warming Up To Web3?

0
Tether Partners with Zanzibar to Promote Stablecoin Adoption and Blockchain Training

Tether Partners with Zanzibar to Promote Stablecoin Adoption and Blockchain Training

0
Markets Will Choose US-Regulated Stablecoins Over CBDCs ‘All Day, Every Day,’ Says Treasury Secretary Scott Bessent

Markets Will Choose US-Regulated Stablecoins Over CBDCs ‘All Day, Every Day,’ Says Treasury Secretary Scott Bessent

0
MFA Boston returns two works to Kingdom of Benin – The Art Newspaper

MFA Boston returns two works to Kingdom of Benin – The Art Newspaper

0
Altcoin Season Not Coming? Bitcoin Risks Crash To ,200 With Negative Sentiment

Altcoin Season Not Coming? Bitcoin Risks Crash To $98,200 With Negative Sentiment

July 3, 2025
MFA Boston returns two works to Kingdom of Benin – The Art Newspaper

MFA Boston returns two works to Kingdom of Benin – The Art Newspaper

July 3, 2025
Ripple Expands Stablecoin Push With OpenPayd Integration

Ripple Expands Stablecoin Push With OpenPayd Integration

July 3, 2025
Tokenized Deposits vs. Stablecoins: What’s the Difference and Why It Matters

Tokenized Deposits vs. Stablecoins: What’s the Difference and Why It Matters

July 2, 2025
Bitcoin Consolidates Below Resistance — Can It Seal A Weekly Close Over 7,720?

Bitcoin Consolidates Below Resistance — Can It Seal A Weekly Close Over $107,720?

July 2, 2025
Chuck E. Cheese Is Opening an Arcade Concept for Adults

Chuck E. Cheese Is Opening an Arcade Concept for Adults

July 2, 2025
SB Crypto Guru News- latest crypto news, NFTs, DEFI, Web3, Metaverse

Find the latest Bitcoin, Ethereum, blockchain, crypto, Business, Fintech News, interviews, and price analysis at SB Crypto Guru News.

CATEGORIES

  • Altcoin
  • Analysis
  • Bitcoin
  • Blockchain
  • Crypto Exchanges
  • Crypto Updates
  • DeFi
  • Ethereum
  • Metaverse
  • Mining
  • NFT
  • Regulations
  • Scam Alert
  • Uncategorized
  • Web3

SITE MAP

  • Disclaimer
  • Privacy Policy
  • DMCA
  • Cookie Privacy Policy
  • Terms and Conditions
  • Contact us
  • Disclaimer
  • Privacy Policy
  • DMCA
  • Cookie Privacy Policy
  • Terms and Conditions
  • Contact us

© 2025 JNews - Premium WordPress news & magazine theme by Jegtheme.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • HOME
  • BITCOIN
  • CRYPTO UPDATES
    • GENERAL
    • ALTCOINS
    • ETHEREUM
    • CRYPTO EXCHANGES
    • CRYPTO MINING
  • BLOCKCHAIN
  • NFT
  • DEFI
  • WEB3
  • METAVERSE
  • REGULATIONS
  • SCAM ALERT
  • ANALYSIS

© 2025 JNews - Premium WordPress news & magazine theme by Jegtheme.