UK-based auction house Christie's had information from 45,798 individuals stolen following a RansomHub ransomware attack last month, which is significantly lower than the more than 500,000 claimed by the ransomware gang to have been affected by the incident, The Register reports.
Infiltration of Christie's systems between May 8 and May 9 enabled the exfiltration of some stored data, none of which has been so far misused by attackers, said the auction house in breach notification letters sent to impacted customers who have been given a year of free credit monitoring.
While none of the compromised data was detailed in the letters, a filing with the Office of the Maine Attorney General revealed the theft of customers' names and ID document numbers. Christie's was also confirmed to not have paid the ransom demanded by RansomHub, which noted that negotiations commenced and eventually crumbled before it decided to expose the stolen data.