Officials at auction house Christie’s said Saturday that big sales that account for nearly half of its annual revenue would continue, even though the company lost control of its official website last Thursday in an attack that is putting tests the loyalty of its ultra-rich clients in the midst of its spring auctions.
Natasha Le Bel, a spokeswoman for the auction house, said Christie’s modern and contemporary art sales in New York “will go ahead as planned,” but did not respond to questions about how the online portion of the sale would continue. auction. “We remain committed to providing the highest level of service to our customers and look forward to a successful week,” she said.
On Thursday, Christie’s experienced what it called a “technological security issue” that took its company website offline, leaving an apology and a promise to provide “further updates to our customers as appropriate.” On Sunday, the site was still down.
It was the second time in less than a year that Christie’s had suffered a breach. In August, a German cybersecurity firm revealed a data breach at the auction house that leaked the location of works of art held by some of the world’s richest collectors.
Over the weekend, dozens of those potential buyers gathered at the company’s galleries at Rockefeller Center in Manhattan to view the pricey works of art that have a high total estimate of nearly $840 million, and to discuss offers. . Employees took private tours past Andy Warhol’s giant 1964 “Flowers” screen print, which has a high estimate of $30 million, and to the more modestly priced sales of the day, where a Barbara Kruger artwork that proclaiming “You can’t drag your money to the grave with you” had a high estimate of $600,000.
Christie’s employees assured some customers at galleries that its website would be fixed “imminently,” but on Saturday afternoon, with the company still to regain control, it replaced a temporary home page on the site from Thursday. for another temporary website produced through a free web design company called Shorthand. The temporary site allows visitors to browse online catalogs of upcoming sales, but does not allow bidding or online registration.
Behind the scenes, two auction house employees, who asked not to be identified because they were not authorized to speak publicly, described a state of panic in which top leaders remained silent about the details of the security breach and did not respond to questions from employees about whether hackers have accessed sensitive information about customers and are holding it for ransom.
Several prominent buyers and sellers also said they had not received information about the incident and were not alerted to the attack until a reporter called.
“A cyberattack like this is the 21st century equivalent of a hand grenade in a small room,” said art market attorney Thomas C. Danziger, who often represents clients at auctions. “Twenty-five years ago, it would have been a flood or a hurricane.”
Wendy Cromwell, an art adviser, said serious buyers would find ways to do business with the auction house even if it experienced technical difficulties.
“It’s a nightmare, obviously, with all the payment and buyer data they have. “I have not heard from Christie’s regarding my company account,” he wrote in an email.
But in terms of the upcoming auctions, he said: “I am planning to attend the evening sales in person. “I don’t normally do online bidding.”
On Saturday afternoon, as collectors toured the galleries, a receptionist said the company’s chief executive, Guillaume Cerutti, was not in the office. Cerutti, who took the reins of the company in 2016 at a time when auction houses were struggling to find solid properties and inventory to attract new buyers, also did not respond to requests for comment through a representative about the hack and the upcoming auctions.
The attack was a bad moment, not only for Christie’s executives, but also for the Pinault family, which controls the auction house through Groupe Artémis, a holding company. Artémis also controls Kering, the luxury group that owns fashion brands such as Gucci and Balenciaga and is run by billionaire François-Henri Pinault, who is also managing partner of Artemis (along with his father, François Pinault, the family patriarch). .
In March, Kering issued a profit warning forecasting a 10 percent drop in group revenue in the first three months of 2024, and sales at Gucci, its biggest brand, fell nearly 20 percent year-on-year in the first trimester.
The Christie’s hack also came amid a leadership transition: François Pinault’s 26-year-old grandson, François Louis Nicolas Pinault, took the business magnate’s seat on the auction house’s board of directors in early this year. Representatives for his family did not immediately respond to a request for comment Saturday.
Sotheby’s and Phillips, the other two major auction houses, said they had not experienced any cyberattacks in recent weeks.
Chelsea Binns, a cybercrime expert who teaches at John Jay College of Criminal Justice in Manhattan, said most companies are not prepared for hackers and should prepare by conducting drills and writing a backup plan.
“But it’s just a matter of time,” he said. “There is a bit of denial of reality.”
Additional reporting by Julia Halperin and Vanessa Friedman in New York.