Top online gallery provider takes systems offline following ransomware attack

Gallery Systems confirms suffering a ransomware attack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Hackers appear to have been incredibly busy over the 2023 holiday season, after yet another company has announced suffering a disruptiveransomwareattack.

Gallery Systems, a museum software solutions provider that was forced to shut parts of its infrastructure down as a result of the incident, has notified its customers of the breach.

In the announcement, shared withBleepingComputer, Gallery Systems said the attack happened on December 28, and since itsendpointswere being encrypted, it was forced to take them down.

Unidentified attackers

“On Thursday, December 28, 2023, certain computer systems that run our software became encrypted, which prevented them from operating,” the company said in its announcement.

“We have been working around the clock to restore access to the software and we sincerely appreciate your patience during this time. We will be restoring your data with the last available backup.”

Gallery Systems is a major provider of gallery and collection management software, whose portfolio apparently counts more than 800 museums. Some of its clients include the New York’s Museum of Modern Art (MoMA), the Metropolitan Museum of Art (Met), the Chrysler Museum of Art, the Museum of Pop Culture (MoPOP) in Seattle, the Barnes Foundation, the Crystal Bridges Museum of American Art, and the San Francisco Museum of Modern Art (SFMOMA), BleepingComputer says.

Some of the servers the company was forced to take down hosted an online public viewing platform called eMuseum.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

In the meantime, the company notified the police and is currently investigating the impact of the incident. Gallery Systems promised to provide further details as the investigation progresses.

So far, no threat actors have claimed responsibility for the attack. Usually, a hacking collective would add its victim to an underground data leak site to increase the pressure and force it to negotiate a ransom.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

This can’t get any better for Black Friday – LG’s B4 OLED TV drops to just $649.99