NEW YORK, NY.- Officials at Christies auction house said Saturday that the marquee sales that account for nearly half of its annual revenue would continue, despite the company having lost control of its official website Thursday in a hack that is testing the loyalty of its ultrawealthy clients amid its spring auctions.
Natasha Le Bel, a spokesperson for the auction house, said that Christies New York sales of modern and contemporary art will take place as planned, but did not respond to questions about how the online portion of the auction would continue. We remain committed to providing the highest level of service to our clients and look forward to a successful week, she said.
On Thursday, Christies experienced what it called a technology security issue that took its company website offline, leaving in place an apology and the promise to provide further updates to our clients as appropriate. By Sunday, the site was still down.
It was the second time in less than a year that Christies had suffered a breach. In August, a German cybersecurity company revealed a data breach at the auction house that leaked the locations of artworks held by some of the worlds wealthiest collectors.
Over the weekend, dozens of those potential buyers gathered at the companys galleries at Rockefeller Center in Manhattan to view the expensive artworks that have a total high estimate of nearly $840 million, and to discuss bidding. Employees led private tours past the giant Andy Warhol Flowers silk-screen painting from 1964 that carries a high estimate of $30 million, and down toward the more modestly priced day sales, where a Barbara Kruger artwork proclaiming You cant drag your money into the grave with you had a high estimate of $600,000.
Christies employees assured some clients in the galleries that its website would be fixed imminently, but Saturday afternoon, when the company still had not regained control, it replaced a temporary landing page on the site since Thursday with another temporary website produced through a free web design company called Shorthand. The temporary site lets viewers browse online catalogs of upcoming sales but does not allow online bidding or registration.
Behind the scenes, two auction house employees, who asked not to be identified because they were not authorized to speak publicly, described a state of panic in which top leaders remained quiet about the details of the security breach and have not addressed questions from employees about whether the hackers have accessed confidential information about clients and are holding it for ransom.
Several prominent buyers and sellers also said they had been left in the dark about the incident, and that they had not been alerted to the hack until a reporter called.
A cyberattack like this is the 21st-century equivalent of a hand grenade in a small room, said art market lawyer Thomas C. Danziger, who often represents clients at auction. Twenty-five years ago, it would have been a flood or a hurricane.
Wendy Cromwell, an art adviser, said that serious buyers would find ways of doing business with the auction house even as it experienced technical difficulties.
Its a nightmare, obviously, with all the payment and purchaser data they own. I have not heard from Christies regarding my companys account, she wrote in an email.
But in terms of the upcoming auctions, she said, Im planning to attend the evening sales in person. I dont usually bid online.
On Saturday afternoon, as collectors milled through the galleries, a receptionist said the companys CEO, Guillaume Cerutti, was not in the office. Cerutti, who took the reins of the company in 2016 at a time when auction houses were struggling to find strong estates and inventory to draw new buyers also did not respond to requests for comment through a representative about the hack and the upcoming auctions.
The hack was bad timing not just for Christies executives, but for the Pinault family, which controls the auction house through Groupe Artémis, a holding company. Artémis also controls Kering, the luxury group that owns fashion brands like Gucci and Balenciaga and is run by billionaire François-Henri Pinault, who is also managing partner of Artemis (with his father, François Pinault, the family patriarch).
In March, Kering issued a profit warning that forecast a 10% drop in group revenues in the first three months of 2024, with sales at Gucci, its largest brand, falling nearly 20% year-on-year in the first quarter.
The Christies hack has also occurred in the midst of a leadership transition: The 26-year-old grandson of François Pinault, François Louis Nicolas Pinault, took the business moguls seat on the auction house board earlier this year. His family representatives did not immediately respond to a request for comment Saturday.
Sothebys and Phillips the two other major auction houses said they had not experienced any cyberattacks in recent weeks.
Chelsea Binns, a cybercrime expert who teaches at the John Jay College of Criminal Justice in Manhattan, said that most companies are unprepared for hackers and should be preparing by doing drills and drafting a backup plan.
But its just a matter of time, she said. There is a bit of denial about reality.
This article originally appeared in
The New York Times.