Cyberattacks hit software used by museums, causing online collections to go down. Overall, the institutions used this software to secure their sensitive information. Affected organisations by the hack included the Crystal Bridges Museum and the Rubin Museum. The attack occurred last week, on December 28.
Cyberattacks Because of Ransom?
Bleeping Computer was the initial outlet to report on the story. The outlet obtained a copy of a notification of an incident that was delivered to organisations by Gallery Systems, a supplier of museum software solutions. On December 28, it revealed that a ransomware attack was the reason behind its continued IT disruptions.
“Certain computer systems that run our software became encrypted, which prevented them from operating”, read the letter. “We have been working around the clock to restore access to the software. And, we sincerely appreciate your patience during this time. We will be restoring your data with the last available backup”, it continues. It was unclear at first if a ransom was necessary, even though the report described the occurrence as a malware infection.
The New York Times also managed to secure the letter. The media also reported that Gallery Systems alerted authorities and contacted outside cybersecurity specialists for support. Some of the museums affected that confirmed the breach to the Times include the Frances Lehman Loeb Art Center at Vassar College, the Rubin Museum of Art in New York, and Crystal Bridges Museum of American Art in Arkansas.
Get the latest articles delivered to your inboxSign up to our Free Weekly Newsletter
“The Crystal Bridges eMuseum, which is a system that provides access to our online collection, has been down for a week due to the recent Gallery Systems issue”, said Paige Francis, chief information officer of art and wellness enterprises at the museum. Francis said that the museum is “mostly concerned about the public’s inability to benefit from viewing our collection remotely during this disruption”.
“The data of our customers and visitors has not been compromised. Access to our digital collection is the only impact,” Francis said. “From a security standpoint, we have been proactive in shoring up our digital architecture and the breach has been minimal. Our technology and art management teams have been working closely with the vendor to resolve the issue and restore access to our digital collection”.
The Metropolitan Museum of Art in New York, which also uses Gallery Systems software but stores its own database, confirmed to Artnet News that it was not affected by the breach. And, according to the Times, neither was the Whitney Museum of American Art. The Museum of Fine Arts in Boston told the Times that its online collections page was affected by the hack but that its internal data was not compromised.