Top online gallery provider takes systems offline following ransomware attack

Lock on Laptop Screen
(Image credit: (Image credit: Future)

Hackers appear to have been incredibly busy over the 2023 holiday season, after yet another company has announced suffering a disruptive ransomware attack.

Gallery Systems, a museum software solutions provider that was forced to shut parts of its infrastructure down as a result of the incident, has notified its customers of the breach. 

In the announcement, shared with BleepingComputer, Gallery Systems said the attack happened on December 28, and since its endpoints were being encrypted, it was forced to take them down.

Unidentified attackers

"On Thursday, December 28, 2023, certain computer systems that run our software became encrypted, which prevented them from operating," the company said in its announcement. 

"We have been working around the clock to restore access to the software and we sincerely appreciate your patience during this time. We will be restoring your data with the last available backup."

Gallery Systems is a major provider of gallery and collection management software, whose portfolio apparently counts more than 800 museums. Some of its clients include the New York's Museum of Modern Art (MoMA), the Metropolitan Museum of Art (Met), the Chrysler Museum of Art, the Museum of Pop Culture (MoPOP) in Seattle, the Barnes Foundation, the Crystal Bridges Museum of American Art, and the San Francisco Museum of Modern Art (SFMOMA), BleepingComputer says. 

Some of the servers the company was forced to take down hosted an online public viewing platform called eMuseum. 

In the meantime, the company notified the police and is currently investigating the impact of the incident. Gallery Systems promised to provide further details as the investigation progresses.

So far, no threat actors have claimed responsibility for the attack. Usually, a hacking collective would add its victim to an underground data leak site to increase the pressure and force it to negotiate a ransom.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.