British auction house Christie’s has been hit with a class action lawsuit over a May 2024 data breach that compromised the personal information of approximately 500,000 current and former customers. According to the lawsuit, an email Christie’s sent to victims on May 30, 2024 reported that the compromised data included full names, genders, dates of birth, passport numbers and expiration dates, countries of birth, ID numbers and Machine Readable Zone along the bottom of a passport’s identity page.
The lawsuit further claims that Christie’s customers are now threatened by multiple forms of identity theft. These range from the obvious, such as the prospect of bad actors opening fraudulent financial accounts and taking out loans in the names of the exposed clients, to the less intuitive, including using the exposed parties’ data to illegally secure government benefits, obtain driver’s licenses pairing Christie’s clients’ names with alternate photographs and “giving false information to police during an arrest”.
Read more about it here.