Sotheby’s, a globally renowned auction house specializing in art, jewelry, and luxury collectibles, suffered a data breach after hackers gained unauthorized access to its internal systems. The intrusion exposed sensitive personal information of some clients, though the exact scope of compromised data (e.g., financial records, identities, or transaction histories) was not fully disclosed. The breach poses risks of identity theft, fraud, or reputational harm to affected clients, particularly high-net-worth individuals who frequently engage with the auction house. While Sotheby’s confirmed the incident, details on the attack vector (e.g., phishing, exploit of a vulnerability) or whether ransom demands were made remain undisclosed. The breach underscores vulnerabilities in securing high-value client data within the luxury sector, where trust and discretion are paramount. No evidence suggests operational disruption or broader systemic impact beyond the exposed client information.
TPRM report: https://www.rankiteo.com/company/sothebys
"id": "sot1850818101725",
"linkid": "sothebys",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Art and Jewelry Brokerage',
'name': 'Sotheby’s',
'type': 'Corporation'}],
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Sensitive personal '
'information']},
'description': 'Sotheby’s, one of the world’s largest art and jewelry '
'brokers, has confirmed a data breach following unauthorized '
'access to its internal systems that exposed sensitive '
'personal information belonging to some of its clients.',
'impact': {'data_compromised': ['Sensitive personal information'],
'systems_affected': ['Internal systems']},
'title': 'Sotheby’s Data Breach Exposes Sensitive Client Information',
'type': 'Data Breach'}