Gallery Systems, a leading museum software solutions provider formed in April 2022 through a merger with Artsystems, recently disclosed a ransomware attack that led to ongoing IT outages.
The incident occurred on December 28, 2023, forcing Gallery Systems to take swift action by offline systems to prevent further encryption. This cyber assault impacts over 800 museums, including renowned institutions like MoMA, Met, and MoPOP, all of which heavily rely on Gallery Systems for collection management. The ransomware attack targeted critical servers, disrupting services such as the eMuseum platform, a widely used tool for creating online collections and exhibitions.
Notably, this incident highlights the vulnerability of museum systems to cyber threats and raises concerns about data security within the art community. The encrypted servers responsible for hosting various Gallery Systems services, including the eMuseum platform, have left museums and colleges unable to access their online collections. This disruption poses significant challenges for institutions that leverage these services to showcase their exhibits and engage with the public.
Gallery Systems promptly notified law enforcement and initiated an internal investigation to assess the breach’s impact. As the company works tirelessly to restore access and recover data from the last available backup, the global art community anxiously awaits updates on the incident’s resolution.
This cyberattack underscores the critical need for heightened cybersecurity measures within the cultural and artistic sectors to safeguard invaluable collections and maintain public trust. The absence of a claim from any major ransomware group adds an element of mystery to the situation, leaving the identity and motive of the threat actors unknown.
The lack of information regarding the impact of the breach and the perpetrators involved heightens concerns across the art community. The incident serves as a stark reminder of the evolving threat landscape faced by cultural institutions, emphasizing the importance of proactive cybersecurity strategies to protect both artistic treasures and the sensitive data associated with them.
Reference:
