A late-December cyberattack has affected several arts institutions across the US, rendering digital collections displays temporarily unviewable. The attack, which targeted the software provider Gallery Systems, disabled access to collection- and archive-management services widely used by museums, academic institutions and corporations worldwide. Clients reporting outages include New York’s Rubin Museum of Art, Arkansas’s Crystal Bridges Museum of American Art, the Frances Lehman Loeb Art Center at Vassar College and the Museum of Fine Arts, Boston.
In a recent message to clients obtained by Zachary Small of the New York Times, Gallery Systems said: “We immediately took steps to isolate those systems and implemented measures to prevent additional systems from being affected, including taking systems offline as a precaution,” adding that they had “launched an investigation and third-party cybersecurity experts were engaged to assist”. They also notified law enforcement.
Issues with the company’s software were first internally noted on 28 December, but the scale of the attack only became clear as museum staff found themselves unable to access various Gallery Systems programmes governing archival and operations records after returning from the winter holidays. Due to the temporary disruptions to the company’s eMuseum tool, museum visitors were also unable to access collections information.
Speaking to the Times, Erin Thompson, a professor of art crime at John Jay College of Criminal Justice, said: “The objects in museums are valuable, but the information about them is truly priceless. Often, generations of curators will have worked to research and document an artefact. If this information is lost, the blow to our knowledge of the world would be immense.”
Thankfully, the attack’s debilitating consequences on museum systems have not been universal; some Gallery Systems users, such as the Metropolitan Museum of Art at the Whitney Museum of American Art, host their own databases and have remained unaffected. Regarding the threat of lost information, Gallery Systems told clients: “We have been working around the clock to restore access to the software… We will be restoring your data with the last available backup.”
While similar attacks are often orchestrated with ransomware and seek payment in exchange for safe return of services and information, the motivation of the Gallery Systems attack is still unknown.