嗯,用户让我用中文总结一下这篇文章的内容,控制在100个字以内,而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述就行。 首先,我需要通读整篇文章,抓住主要信息。文章讲的是苏富比拍卖行在7月24日发生了数据泄露事件,导致客户和财务信息被暴露。他们花了两个月时间调查,确定了被盗信息和受影响的人。苏富比是国际知名拍卖行,历史悠久,主要卖艺术品、珠宝等。这次事件中,攻击者身份不明,泄露的信息包括姓名、社保号和财务账户信息。苏富比没有透露受影响人数,但提供了12个月的免费身份保护服务。此外,没有犯罪集团声称对此负责。 接下来,我要把这些信息浓缩到100字以内。重点包括:苏富比的数据泄露时间、泄露的信息类型、调查时间、提供的补救措施以及背景情况(比如其他拍卖行也曾遭遇类似事件)。 可能的结构是:苏富比在7月24日发生数据泄露,涉及客户和财务信息;调查两个月后通知受影响者,并提供免费服务;攻击者未被识别;这是继佳士得之后的又一拍卖行遭受攻击。 现在组织语言: 苏富比于7月24日发生数据泄露事件,导致客户和财务信息外泄。经过两个月调查后通知受影响者,并提供免费身份保护服务。攻击者尚未被识别。此前佳士得也遭遇类似事件。 检查字数:大约70字左右,符合要求。 </think> 苏富比于7月24日发生数据泄露事件,导致客户和财务信息外泄。经过两个月调查后通知受影响者,并提供免费身份保护服务。攻击者尚未被识别。此前佳士得也遭遇类似事件。 2025-10-17 07:38:49 Author: securityaffairs.com(查看原文) 阅读量:10 收藏
Auction house Sotheby’s disclosed a July data breach
Sotheby’s reported a July 24 breach exposing customer and financial data; it took two months to assess the stolen information and affected individuals.
Sotheby’s reported a data breach that exposed customer information, including financial details. The company discovered the security breach on July 24, and investigators spent two months determining what data was stolen and who was affected.
Sotheby’s is a major international auction house that sells fine art, jewelry, collectibles, and luxury goods. Founded in 1744 in London, it’s one of the world’s oldest and most prestigious auction firms, with headquarters now in New York and sales held globally.
On July 24, 2025, the auction house discovered that an unknown actor had stolen data from its systems. The company launched an investigation with third-party experts to identify what information was taken and who was affected. After completing the review on September 24, Sotheby’s began notifying impacted individuals and offering free identity monitoring services.
“On July 24, 2025, Sotheby’s became aware that certain Sotheby’s data appeared to have been removed from its environment by an unknown actor. Sotheby’s immediately began an investigation to determine what data was involved, which included downloading and cataloging the data with instruction by third-party specialists for further review and analysis. After that process was completed, Sotheby’s began a comprehensive review of the data to determine what personal information was potentially contained within the data and to whom it relates.” reads the data breach notification shared with the Maine Attorney General. “The review was completed on or around September 24, 2025, which allowed Sotheby’s to arrange services to provide individuals with notice and an offer of complimentary identity monitoring.”
The exposed personal information varies by individual, but includes the name, Social Security number, and financial account information.
The company hasn’t disclosed the number of impacted individuals.
Sotheby’s offered affected customers 12 months of free identity protection and credit monitoring through TransUnion.
At this time, no cybercrime groups have claimed responsibility for the attack.
In May 2024, another auction house, Christie’s, suffered a cyberattack. The company disclosed a data breach after the ransomware group RansomHub threatened to leak stolen data.
The extortion group said they had stolen 2GB of sensitive information, including personal information belonging to at least 500,000 Christie’s clients.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Sotheby’s)
如有侵权请联系:admin#unsafe.sh