Museum World Hit by Cyberattack on Widely Used Software

Museum World Hit by Cyberattack on Widely Used Software

Museum World Hit by Cyberattack on Widely Used Software

Several prominent museums have been unable to display their collections online since a cyberattack hit a prominent technological service provider that helps hundreds of cultural organizations show their works digitally and manage internal documents.

The Museum of Fine Arts Boston, the Rubin Museum of Art in New York and the Crystal Bridges Museum of American Art in Arkansas were among the institutions confirming that their systems have experienced outages in recent days.

The service provider, Gallery Systems, said in a recent message to clients, which was obtained by The New York Times, that it had noticed a problem on Dec. 28, when computers running its software became encrypted and could no longer operate. “We immediately took steps to isolate those systems and implemented measures to prevent additional systems from being affected, including taking systems offline as a precaution,” the company said in the message. “We also launched an investigation and third-party cybersecurity experts were engaged to assist. In addition, we notified law enforcement.”

Gallery Systems did not immediately respond to email and phone requests for comment.

Signs of disruption were evident on several museum websites because eMuseum, a tool that usually lets visitors search online collections, was down. There was also disruption behind the scenes: Some curators said that they had returned from their winter vacations to find themselves unable to access sensitive information from another Gallery Systems program called TMS. That system can include the names of donors, loan agreements, provenance records, shipping information and storage locations of priceless artworks.

“We noticed the outage starting Dec. 28,” Sandrine Milet, a spokeswoman for the Rubin Museum, said. “TMS was back and running yesterday while eMuseum is still down.”

T. Barton Thurber, the director of the Frances Lehman Loeb Art Center at Vassar College, said, “I can confirm that unfortunately our museum — along with many others — has been impacted by the attack.”

Paige Francis, the chief information officer at Crystal Bridges, said, “We are mostly concerned about the public’s inability to benefit from viewing our collection remotely during this disruption.”

Cyberattacks against cultural groups are becoming more common, according to some security experts. In November, personal data was stolen from the British Library by a ransomware group, which posted images of internal human resources files. The Metropolitan Opera and the Philadelphia Orchestra also faced cyberattacks last winter, hampering their ability to sell online tickets.

In many cases these attacks have come from ransomware groups, which hold the online service hostage until victims pay a sum. The nature of the attack on Gallery Systems was not clear.

Some museums that rely on Gallery Systems — including the Metropolitan Museum of Art and the Whitney Museum of American Art — said they were not affected because they host their own databases. The Museum of Fine Arts, Boston said that while its digital collection page no longer worked on its website, its internal data had not been compromised

It was not immediately clear how widespread the cyberattack was, or what the full impact of it would be.

“The objects in museums are valuable, but the information about them is truly priceless,” said Erin Thompson, a professor of art crime at John Jay College of Criminal Justice in New York. “Often, generations of curators will have worked to research and document an artifact. If this information is lost, the blow to our knowledge of the world would be immense.”