Hobbled by Cyberattack, Christie’s Says Marquee Sales Will Proceed

Officials at Christie’s auction house said on Saturday that the marquee sales that account for nearly half of its annual revenue would continue, despite the company having lost control of its official website last Thursday in a hack that is testing the loyalty of its ultrawealthy clients amid its spring auctions.

Natasha Le Bel, a spokeswoman for the auction house, said that Christie’s New York sales of modern and contemporary art “will take place as planned,” but did not respond to questions of how the online portion of the auction would continue. “We remain committed to providing the highest level of service to our clients and look forward to a successful week,” she said.

On Thursday, Christie’s experienced what it called a “ technology security issue” that took its company website offline, leaving in place an apology and the promise to provide “further updates to our clients as appropriate.” By Sunday, the site was still down.

It was the second time in less than a year that Christie’s had suffered a breach. In August, a German cybersecurity company revealed a data breach at the auction house that leaked the locations of artworks held by some of the world’s wealthiest collectors.

Over the weekend, dozens of those potential buyers gathered at the company’s galleries at Rockefeller Center in Manhattan to view the expensive artworks that have a total high estimate of nearly $840 million, and to discuss bidding. Employees led private tours past the giant Andy Warhol “Flowers” silk-screen painting from 1964 that carries a high estimate of $30 million, and down toward the more modestly priced day sales, where a Barbara Kruger artwork proclaiming “You can’t drag your money into the grave with you” had a high estimate of $600,000.

Christie’s employees assured some clients in the galleries that its website would be fixed “imminently,” but on Saturday afternoon, when the company still had not regained control, it replaced a temporary landing page on the site since Thursday with another temporary website produced through a free web design company called Shorthand. The temporary site lets viewers browse online catalogs of upcoming sales but does not allow online bidding or registration.

Behind the scenes, two auction house employees, who asked not to be identified because they were not authorized to speak publicly, described a state of panic in which top leaders remained quiet about the details of the security breach and have not addressed questions from employees about whether the hackers have accessed confidential information about clients and are holding it for ransom.

Several prominent buyers and sellers also said they had been left in the dark about the incident, and that they had not been alerted to the hack until a reporter called.

“A cyberattack like this is the 21st-century equivalent of a hand grenade in a small room,” said the art market lawyer Thomas C. Danziger, who often represents clients at auction. “Twenty-five years ago, it would have been a flood or a hurricane.”

Wendy Cromwell, an art adviser, said that serious buyers would find ways of doing business with the auction house even as it experienced technical difficulties.

“It’s a nightmare, obviously, with all the payment and purchaser data they own. I have not heard from Christie’s regarding my company’s account,” she wrote in an email.

But in terms of the upcoming auctions, she said, “I’m planning to attend the evening sales in person. I don’t usually bid online.”

On Saturday afternoon, as collectors milled through the galleries, a receptionist said the company’s chief executive officer, Guillaume Cerutti, was not in the office. Cerutti, who took the reins of the company in 2016 — at a time when auction houses were struggling to find strong estates and inventory to draw new buyers — also did not respond to requests for comment through a representative about the hack and the upcoming auctions.

The hack was bad timing — not just for Christie’s executives, but for the Pinault family, which controls the auction house through Groupe Artémis, a holding company. Artémis also controls Kering, the luxury group that owns fashion brands like Gucci and Balenciaga and is run by the billionaire François-Henri Pinault, who is also managing partner of Artemis (with his father, François Pinault, the family patriarch).

In March, Kering issued a profit warning that forecast a 10 percent drop in group revenues in the first three months of 2024, with sales at Gucci, its largest brand, falling nearly 20 percent year-on-year in the first quarter.

The Christie’s hack has also occurred in the midst of a leadership transition: The 26-year-old grandson of François Pinault, François Louis Nicolas Pinault, took the business mogul’s seat on the auction house board earlier this year. His family representatives did not immediately respond to a request for comment on Saturday.

Sotheby’s and Phillips — the two other major auction houses — said they had not experienced any cyberattacks in recent weeks.

Chelsea Binns, a cybercrime expert who teaches at the John Jay College of Criminal Justice in Manhattan, said that most companies are unprepared for hackers and should be preparing by doing drills and drafting a backup plan.

“But it’s just a matter of time,” she said. “There is a bit of denial about reality.”

Additional reporting by Julia Halperin and Vanessa Friedman in New York.