Museum World Hit by Cyberattack, Causing Online Collections to Go Down

Online collections shut down in cyberattack on widely used software

Last week, numerous museums and art institutions fell victim to a cyberattack targeting Gallery Systems, a widely used software company responsible for managing sensitive information, online archives, and collections.

Cyber attack red text between blue binary data on screen
Flickr I Marco Verch

The Museum of Fine Arts Boston, the Rubin Museum of Art in New York, and the Frances Lehman Loeb Art Center at Vassar College were among the hundreds of institutions confirming that their systems have experienced outages in recent days. In a recent message to clients, obtained by The New York Times, the service provider said that it had noticed a problem on Dec. 28, when computers running its software became encrypted and could no longer function.

"We immediately took steps to isolate those systems and implemented measures to prevent additional systems from being affected, including taking systems offline as a precaution," the company said in the message. "We also launched an investigation and third-party cybersecurity experts were engaged to assist. In addition, we notified law enforcement," said the company.

The cyberattack caused visible disruptions on museum websites, notably affecting the eMuseum tool used for online collection searches. Behind the scenes, curators returning from their winter vacations found themselves unable to access critical information stored in the TMS program by Gallery Systems. This system houses essential data such as donor names, loan agreements, provenance records, shipping information, and the locations of priceless artworks, causing substantial operational challenges for museum staff.

"We noticed the outage starting Dec. 28," Sandrine Milet, a spokeswoman for the Rubin Museum, said. "TMS was back and running yesterday while eMuseum is still down."

T. Barton Thurber, the director of the Frances Lehman Loeb Art Center at Vassar College, said, "I can confirm that unfortunately our museum - along with many others - has been impacted by the attack."

In an email to Artnet, Paige Francis, Chief Information Officer of art and wellness enterprises at The Crystal Bridges Museum in Arkansas, said, "The data of our customers and visitors has not been compromised. Access to our digital collection is the only impact." From a security standpoint, we have been proactive in shoring up our digital architecture and the breach has been minimal. Our technology and art management teams have been working closely with the vendor to resolve the issue and restore access to our digital collection."

The Metropolitan Museum of Art in New York which also uses Gallery Systems software but stores its own database, confirmed to Artnet that it was not affected by the breach. Art News revealed that museums are far from the only cultural institutions that have had to deal with cyber attacks in recent months. Last year both the Metropolitan Opera and Philadelphia Orchestra faced online attacks, and in November, a ransomware group stole personal data from the British Library, later posting images of human resource files online. In many cases, these attacks have been linked to ransomware groups that seize control of online services, demanding payment from victims before restoring access.

The nature of the attack on Gallery Systems remains unclear.

Tags
Cyberattack, New York, Software
Real Time Analytics