{"id":190930,"date":"2026-02-26T13:25:00","date_gmt":"2026-02-26T18:25:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/26\/hackers-target-the-art-market-but-buyers-are-safer-than-they-think\/"},"modified":"2026-02-26T13:40:17","modified_gmt":"2026-02-26T18:40:17","slug":"hackers-target-the-art-market-but-buyers-are-safer-than-they-think","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/26\/hackers-target-the-art-market-but-buyers-are-safer-than-they-think\/","title":{"rendered":"Hackers Target the Art Market, But Buyers Are Safer Than They Think"},"content":{"rendered":"

Hackers Target the Art Market, But Buyers Are Safer Than They Think<\/a><\/p>\n

https:\/\/observer.com\/2026\/02\/art-market-guide-cybersecurity-auction-houses-galleries-art-collectors\/<\/a><\/p>\n

Publish Date: 2026-02-26 13:25:00<\/a><\/p>\n

Source Domain: observer.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

\t\tAs auction houses and galleries move deeper into digital commerce, cybersecurity has become a central concern rather than a back-office afterthought. Graphic by Egor Komarov (@egorkomarov)
\nIt was an absolute mess. \u201cThe art dealer\u2019s sales team was locked out of its inventory information, freezing their sales transactions,\u201d Steve Pincus Sr., managing director of insurance brokerage firm Risk Strategies, told Observer. A cybercriminal was holding the gallery\u2019s data hostage by hacking into its systems and encrypting the files, agreeing to decrypt them only after payment\u2014in other words, the gallery was dealing with a ransomware attack. \u201cOnce the ransom was paid and system access was restored, it still took several months to be sure that the existing data was not manipulated in any way.\u201d<\/p>\n

Until the data was verified, it was effectively useless. In the meantime, the sales team could not access inventory. \u201cThey didn\u2019t know what works were for sale, for how much, or any other data related to any individual work of art,\u201d Pincus added. Sales were lost, and the gallery filed what is known as a Business Interruption claim.
\nFortunately, the gallery had taken out a cyber policy that covered business interruptions, and the insurer paid out a claim exceeding seven figures. This is not simply a story about the value of business insurance, however, but about the risks individual dealers, galleries and auction houses face from hackers seeking sensitive client data, including names, addresses, occupations, credit card numbers, bank accounts and even passport numbers\u2014everything clients provide in order to buy and sell at the highest levels of the commercial art world
\n\u201cWe get attacked very regularly\u2014weekly if not daily,\u201d Sam Spiegel, technology principal at Heritage Auctions, told Observer. The company\u2019s security systems generally blunt those attacks, though the occasional hacker breaks through. In 2019, a ransomware attack took down its website for several days, but Heritage had backups in place and didn\u2019t lose any data. More importantly, it did not have to pay a ransom. There have also been denial-of-service attacks, in which a hacker floods a targeted machine or resource with superfluous requests to overload systems and prevent legitimate traffic from being processed. \u201cWe\u2019ve had a couple of those, the last one in 2021, but it only lasted a few minutes. We were able to get things back up and running.\u201d Credit goes to the auction house\u2019s layered back-up systems, fail-safes and redundancies, along with its use of multiple third-party payment platforms where all client financial data is processed.
\nSpiegel did not come out of the tech world. He graduated from the University of Chicago with a degree in classics and history and joined Heritage in 2013 as part of the auction house\u2019s World & Ancient Coins department. His first foray into the online realm was creating an index of modern and ancient coins that provided clients with pricing and historical context. Technology is something he learned along the way. It is, he admitted, a thankless job, since most clients don\u2019t think about data security until something goes wrong. \u201cWe could put out a press release saying \u2018Nothing bad happened this week,\u2019 but our clients don\u2019t even want to know that something bad was a possibility.\u201d
\nWhat is possible is never far from mind for those tasked with protecting against known and unknown threats. Joshua Eldred, president of Eldred\u2019s auction house, experienced ransomware incidents twice in what he now calls \u201cthe old days,\u201d before the company began using a third-party payment platform\u2014Authorize.net\u2014to handle transactions. \u201cWe outsource everything,\u201d he told Observer. \u201cWe have no sensitive information on our system.\u201d The storage and protection of sensitive client information is left to firms whose core business is defending against cyberattacks, allowing the auction house to focus on selling. Numerous comparable service companies work with galleries and auction houses, with new ones emerging regularly, including Bidpath, Stripe, Square, Chase PaymentTech, Dwolla, AliPay, AuctionPay, Plaid and PaymentCloud. Still, Authorize.net does not relieve Eldred\u2019s of the need for vigilance. Employees are trained to recognize phishing attempts, and staff conduct is periodically reviewed. \u201cWe tell staff, \u2018don\u2019t click on anything unless you know where it came from.\u2019\u201d
\nCybersecurity is not a subject auction houses are eager to discuss publicly. \u201cIf I say that we\u2019ve never been hacked, that likely would lead to hackers targeting us, so no thank you,\u201d the CEO of one auction house said on condition of anonymity. Few buyers or consignors ever ask about safety protocols. A spokesperson for Sotheby\u2019s stated that the auction house \u201ctakes proactive steps to safeguard our systems and data by regularly updating our security protocols and enhancing our monitoring capabilities to better protect our clients and their valuable information.\u201d A spokesperson for Phillips said that the auction house \u201cremains continuously focused on strengthening our defenses as digital engagement with our auctions continues to grow.\u201d
\nA worst-case scenario unfolded at Christie\u2019s in May 2024, when the auction house experienced a ransomware attack that lasted 10 days, resulting in a payment of an undisclosed sum to hackers and a $990,000 settlement of a threatened class-action lawsuit to compensate approximately 45,798 people whose data was compromised.
\nEvery sector of the arts economy is vulnerable to hackers, of course. Security breaches have occurred at museums across the U.S., including the Smithsonian Institution in Washington, D.C., Parrish Art Museum in Southampton, New York, Museum of Fine Arts Boston, Frances Lehman Loeb Art Center at Vassar College in Arlington, New York and Crystal Bridges Museum of American Art in Bentonville, Arkansas, as well as at numerous for-profit companies. In 2020, the online art marketplace LiveAuctioneers suffered a data breach affecting 3.4 million buyers and sellers, exposing names, email and mailing addresses, phone numbers and encrypted passwords.
\nGalleries are particularly vulnerable because \u201cthey don\u2019t have a dedicated IT person whose job it is to monitor the online systems,\u201d said James Carroll, founder of Hacket Cyber, a Syracuse, New York-based firm hired by large and small businesses, including galleries and museums, to test the security of their databases and other software. \u201cThe people working in galleries want to talk about art and artists, not about the security of clients\u2019 information.\u201d
\nGalleries also tend to outsource client data storage and rely on security software that may or may not be kept up to date. Cristin Tierney, a gallery owner in New York City, told Observer that \u201cwe do not keep client financial and banking information in our database,\u201d adding that \u201call staff are asked to periodically change their passwords.\u201d She said the gallery has never experienced a breach; perhaps those measures have been sufficient.
\nThe Manhattan-based Art Dealers Association of America serves as an information hub for its members, circulating alerts on active scams, fraud patterns and emerging cybersecurity risks so galleries can take appropriate precautions. Kinsey Robb, executive director of the association, stated that \u201cas the art trade becomes increasingly digital, cybersecurity has shifted from a back-office concern to a core operational issue. Our focus at the ADAA is on education and timely information-sharing, helping galleries stay alert to evolving risks and contributing to broader conversations around internal protocols, staff training and cyber insurance as part of sound risk management. The challenge is no longer whether the art trade will face cyber risk, but how proactively the field adapts as those risks continue to evolve.\u201d
\nTo qualify for cybersecurity insurance, one fine art insurer said, galleries must have certain \u201cprotocols in place,\u201d including \u201cfirewalls and dual-identification systems,\u201d along with procedures for verifying vendor information before making payments. Some galleries take the process seriously, while others assume the third-party companies they use will keep them safe.
\n\u201cA well-informed bidder is a confident bidder,\u201d Spiegel said, defining well-informed as someone who understands the quality and value of the objects they are considering. That confidence can erode if buyers worry that the personal data they provide when registering for a sale is not secure. \u201cHeritage is a very technology-forward company, and we have the largest IT department of any auction house,\u201d with many of those employees monitoring phishing emails and, more recently, A.I.-driven scams in which bots impersonate clients. \u201cA.I. is definitely the next wave of cyber attacks,\u201d which will no doubt keep him and his counterparts at auction houses and galleries busy well into the future.
\nMore for art collectors<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Hackers Target the Art Market, But Buyers Are Safer Than They Think https:\/\/observer.com\/2026\/02\/art-market-guide-cybersecurity-auction-houses-galleries-art-collectors\/ Publish Date:…<\/p>\n","protected":false},"author":1,"featured_media":190931,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/observer.com\/wp-content\/uploads\/sites\/2\/2026\/02\/art-market-cycbersecurity-galleries-auction-houses-e1772130313152.jpeg?quality=80","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,24,28,35,25],"class_list":["post-190930","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-cybersecurity","tag-data-security","tag-hacker","tag-phishing"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/190930"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=190930"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/190930\/revisions"}],"predecessor-version":[{"id":190932,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/190930\/revisions\/190932"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/190931"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=190930"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=190930"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=190930"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}