Christie’s auction house is facing a class action lawsuit after a data breach exposed the personal information of over 500,000 customers. The lawsuit, filed by plaintiff Efstathios Maroulis in a New York federal court, accuses Christie’s of negligence and failing to implement adequate cybersecurity measures. The compromised data includes sensitive details such as full names, passport numbers, and birth dates, leaving customers vulnerable to identity theft and fraud.
The breach occurred on May 30 and was attributed to a cyberattack by the ransomware group known as RansomHub. Maroulis claims that Christie’s did not provide sufficient information about the breach, leaving affected customers struggling to protect their data. He has reported spending significant time safeguarding his personal information and experiencing an increase in spam communications as a result of the breach.
Maroulis is seeking to represent all U.S. residents whose personal information was accessed during the breach. The lawsuit demands compensation for damages, including lost time and the emotional toll of the breach, as well as an injunction requiring Christie’s to enhance its data security practices.
This lawsuit is part of a broader trend, with numerous companies facing similar legal actions following major cyberattacks. Christie’s joins a growing list of businesses, including AT&T and Change Healthcare, that have been accused of failing to protect customer data, resulting in widespread legal challenges and demands for better cybersecurity protocols.
Reference:
