Almost nine of the wealthy Mayfair Art dealers have been hit by a cyber attack and investigative reports suggest that they might have lost £1 million to hackers. The Metropolitan police who have conducted the prima facie have confirmed that the galleries lost sums between £10k to £1 million.
And as per the sources reporting to our Cybersecurity Insiders, 9 galleries/individuals were targeted by hackers through phishing emails. This includes Hauser & Wirth, and London based Simon Lee, Thomas Dane, Rosenfeld Porcini and Laura Bartlett.
Hallett Independent Art Insurance issued a public statement saying that the problem could be a lot worse than what is being projected as hackers might have made huge sums of the art investors.
National Cyber Security Center which has launched a separate probe into the incident discovered that the galleries were hit by an email scam. The methods are simple- Cyber crooks gained access to art dealers email accounts some time ago and started tracking the emails coming in & out.
As soon as the gallery sent a PDF invoice to a client via email, the hackers sent a duplicate invoice impersonating the galleries email address and told the client to ignore the first invoice and instead wire payment to the bank account mentioned in the second invoice.
The same technique was used by hackers to steal the payments made by the gallery to the artists.
Laura Bartlett, a London based dealer was forced to close her gallery in east London after a cyber attack.
Laura says that she and her US clients could not recover the money from the intercepted sale as the investigation is going on. She added that she did not insure the event as she did not expect such scenario to take place.
Other art galleries in London are now taking precautionary measures to prevent the impact from cyber attacks. It is said that they are going for Cheque payment after a phone call and have completely banned the use of wire payment for this year.
Although, the said kind of payment services is time-consuming, it completely takes away the cyber threat of being scammed by the hackers.