In an email sent to its customers on Wednesday night, the chief technology officer of Artsy—a web platform that gives views into the artwork world in addition to works for sale for charges between “$one hundred to over $1,000,000,” as its website states—alerted customers to “a statistics security incident that may have impacted your Artsy account facts.” The observe, signed with the aid of Artsy leader era officer Daniel Doubrovkine, stated the enterprise believed that customers’ names, emails, and IP addresses can also have been some of the records stolen.
“We don’t have any evidence that commercial or monetary statistics changed into concerned, and so far we’ve got no longer obtained reviews from Artsy users of actual or tried fraud because of this incident,” the alert said. In the interest of “an over-abundance of warning,” it advised users to exchange their passwords on Artsy as well as other websites that would share comparable passwords, at the same time as stating that the web page shops best password hashes (a type of encryption used for protection).
A record posted on Monday with the aid of the Register, a British news site dedicated to generation (with the tagline “Biting the hand that feeds IT”), asserted that Artsy facts became among that taken from 16 websites and positioned up for sale at the dark web. According to the report, data associated with one million accounts on Artsy has been stolen as part of an operation that compromised 620 million money owed from websites along with the video messaging carrier Dubsmash and the online listing internet site Whitepages.
The file reads an element, “Sample account records from the multi-gigabyte databases seen by means of The Register appear to be legitimate: they consist mainly of account holder names, email addresses, and passwords. These passwords are hashed, or one-manner encrypted, and must, therefore, be cracked earlier than they can be used.” It provides, “There are a few other bits of facts, depending at the website online, inclusive of place, private info, and social media authentication tokens. There appears to be no charge or financial institution card info in the income listings.”
Reached for the remark, a spokesperson for Artsy referred ARTnews to its authentic alert note, which states that Artsy is investigating the problem.