News

A recent cybersecurity research conducted by German experts, Martin Tschirsich and André Zilch, revealed a major vulnerability at Christie’s auction house. The researchers discovered that photos uploaded to Christie’s website often include GPS coordinates that can pinpoint the exact location of the artwork. This means that not only does Christie’s have access to this information, but anyone else who views the images on the website.

The researchers found that around 10 percent of the uploaded images contained precise GPS coordinates. This poses a serious cybersecurity risk as it exposes personal and sensitive information of the artworks’ owners. The vulnerability was brought to the attention of Christie’s more than two months ago, but the company only implemented technical measures to address the issue after being contacted by The Washington Post.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned about similar vulnerabilities at the end of July, stating that these weaknesses have compromised personal, financial, and health information of millions of users. However, CISA did not explicitly reference Christie’s in their statement.

Christie’s declined to comment on the researchers’ findings and their efforts to resolve the vulnerability. The company emphasized its commitment to protecting clients’ data and complying with legal and regulatory obligations. It remains unclear if Christie’s has informed any of its clients about the security breach. One German professor, who had uploaded images of his artwork to Christie’s, only learned about the issue when contacted by The Washington Post, and Christie’s had not reached out to him.

Tschirsich and Zilch, the German researchers, notified Christie’s about the vulnerability in June but were met with rejection when they offered their assistance. The researchers were surprised by Christie’s lack of response and willingness to resolve the issue. They were not seeking any rewards or job opportunities but were concerned about the potential risks faced by users of Christie’s services.

Overall, this incident highlights the importance of cybersecurity in all aspects of business, especially in industries that conduct transactions over the internet. It serves as a reminder that vulnerabilities can exist even in well-established organizations like Christie’s, necessitating constant assessment and resolution of any security flaws.

The post Cybersecurity Vulnerability Exposed at Christie’s Auction House appeared first on satProviders.