Excerpt from CPO Magazine, Published on October 22, 2025
If you’re following news about cybersecurity incidents, you might be concerned to learn that the Auction House, Sotheby’s, recently experienced a serious data breach. While the total number of affected individuals hasn’t been disclosed, the breach compromised highly sensitive personal information, including full names, Social Security numbers, and financial account details. According to a notice filed with the Office of the Maine Attorney General, the incident occurred on July 24, 2025, but it wasn’t discovered until September 24, 2025.
Sotheby’s acted quickly, engaging third-party cyber forensics experts to determine exactly what data was stolen and who was impacted. While there’s no evidence yet that the stolen information has been misused, anyone affected should be aware of the increased risk of identity theft and fraud. In response, the Auction House is offering twelve months of complimentary credit monitoring through TransUnion and is advising affected individuals to remain vigilant, review account statements regularly, report suspicious activity, and even consider placing credit freezes if necessary.
This isn’t the first time Sotheby’s has faced cyber threats. Between 2017 and 2021, the auction house suffered repeated Magecart attacks that exposed customer names, addresses, payment card numbers, CVVs, and expiry dates. Other high – profile auction houses, including Christie’s, have also been targeted, proving that these institutions are attractive targets for cybercriminals because of the personal and financial information of wealthy clients.
Sotheby’s emphasized that it has implemented stronger cybersecurity measures, including layered defenses, strict access controls, secure connections, and advanced threat protections. The company is committed to continually reviewing and improving its safeguards to prevent future breaches.
For anyone who deals with sensitive information or high – value transactions, this serves as an important reminder of the need for vigilance. The auction house’s proactive response and transparency offer some reassurance, but it also underscores how critical cybersecurity is in today’s digital world.
To delve deeper into this topic, Visit CPO Magazine.
