Gallery Systems Faces Disruptive Cybersecurity Attack

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

Gallery Systems, an online museum software solutions provider, revealed that it was the victim of a ransomware attack last week. The company provides asset management system software that sees use in over 800 museums around the world, which means a data breach could have wide-reaching implications.

The attack was responsible for encrypting a large but unknown quantity of data. This pushed the company into taking its systems completely offline to prevent more data from being encrypted. While initially reported as simple IT outages that were continuing through the week, we now know the systems were taken down during the incident.

As of now, no hacker groups have taken credit for the attack. The company also hasn’t reported receiving a ransom letter, so nothing is known about the threat actor or their motives. This doesn’t mean that an attack isn’t coming, however.

“We have been working around the clock to restore access to the software and we sincerely appreciate your patience during this time. We will be restoring your data with the last available backup,” states the company’s data breach report that was emailed to customers. “On Thursday, December 28, 2023, certain computer systems that run our software became encrypted, which prevented them from operating.”

Gallery Systems has already contacted the proper law enforcement agencies and an investigation is underway. However, the company does note that it’s far too early in the investigation to have many details to share.

Museums that may have been affected by the data breach include:

  • Metropolitan Museum of Art (Met).
  • San Francisco Museum of Modern Art (SFMOMA).
  • Crystal Bridges Museum of American Art.
  • New York’s Museum of Modern Art (MoMA).
  • Museum of Pop Culture (MoPOP) in Seattle.

“We sincerely regret the disruption this incident may have caused to your organization,” the company said.

Gallery Systems will provide more info as it’s uncovered.

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."