An anonymous reader quotes a report from the BBC: Hackers are attempting to sell what they say is confidential information belonging to millions of Santander staff and customers. They belong to the same gang which this week claimed to have hacked Ticketmaster. The bank -- which employs 200,000 people worldwide, including around 20,000 in the UK -- has confirmed data has been stolen. Santander has apologized for what it says is "the concern this will understandably cause" adding it is "proactively contacting affected customers and employees directly."

"Following an investigation, we have now confirmed that certain information relating to customers of Santander Chile, Spain and Uruguay, as well as all current and some former Santander employees of the group had been accessed," it said in a statement posted earlier this month. "No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords." It said its banking systems were unaffected so customers could continue to "transact securely."

In a post on a hacking forum -- first spotted by researchers at Dark Web Informer- the group calling themselves ShinyHunters posted an advert saying they had data including: 30 million people's bank account details, 6 million account numbers and balances, 28 million credit card numbers, and HR information for staff. Santander has not commented on the accuracy of those claims.

Japanese crypto exchange DMM Bitcoin confirmed on Friday that it had been the victim of a hack resulting in the theft of 4,502.9 bitcoin, or about $305 million. From a report: According to crypto security firm Elliptic, this is the eighth largest crypto theft in history. DMM Bitcoin said it detected "an unauthorized leak of Bitcoin (BTC) from our wallet" on Friday and that it was still investigating and had taken measures to stop further thefts. The crypto exchange said it also "implemented restrictions on the use of some services to ensure additional safety," according to a machine translation of the company's official blog post (written in Japanese).

An anonymous reader shares a report: The sound of the 1990s still resonates in the German capital. Like techno music, the fax machine remains on trend. According to the latest figures from Germany's digital industry association, four out of five companies in Europe's largest economy continue to use fax machines and a third do so frequently or very frequently. Much as Germany's reputation for efficiency is regularly undermined by slow internet connections and a reliance on paper and rubber stamps, fax machines are at odds with a world embracing artificial intelligence.

But progress is on the horizon in the Bundestag -- the lower house of parliament -- where lawmakers have been instructed by the parliamentary budget committee to ditch their trusty fax machines by the end of June, and rely on email instead for official communication. Torsten Herbst, parliamentary whip of the pro-business Free Democrats, points out one fax machine after the other as he walks through the Bundestag. He says the public sector is particularly fond of faxing and that joining parliament was like going back in time.

Google has published an update on the deprecation timeline of so-called Manifest V2 extensions in the Chrome web browser. Starting this June, Chrome will inform users with classic extensions about the deprecation. From a report: Manifests are rulesets for extensions. They define the capabilities of extensions. When Google published the initial Manifest V3 draft, it was criticized heavily for it. This initial draft had significant impact on content blockers, privacy extensions, and many other extension types. Many called it the end of adblockers in Chrome because of that. In the years that followed, Google postponed the introduction and updated the draft several times to address some of these concerns.

Despite all the changes, Manifest V3 is still limiting certain capabilities. The developer of uBlock Origin listed some of these on GitHub. According to the information, current uBlock Origin capabilities such as dynamic filtering, certain per-site switches, or regex-based filters are not supported by Manifest V3. The release of uBlock Origin Minus highlights this. It is a Manifest V3 extension, but limited in comparison to the Manifest V2-based uBlock Origin.

Vista Equity Partners has written off the entire equity value of its investment in tech learning platform Pluralsight, three years after taking it private for $3.5 billion, Axios reported Friday. From the report: One source says that the Utah-based company's financials have improved, with around 26% EBITDA growth in 2023, but not enough to service nearly $1.3 billion of debt that was issued when interest rates were lower. It's also a company whose future could be dimmed by advances in artificial intelligence, since some of the developer skills it teaches are becoming automated. Vista agreed to buy the company in late 2020 for $20.26 per share, representing a 25% premium to its 30-day trading average, despite a lack of profits.

Computer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19 after a threat actor breached the company's website, stealing the Fanzone member information of 500,000 customers. BleepingComputer reports: [A] threat actor known as 'Ghostr' told us they hacked the company's Fanzone website on May 18 and downloaded its linked databases. Cooler Master's Fanzone site is used to register a product's warranty, request an RMA, or open support tickets, requiring customers to fill in personal data, such as names, email addresses, addresses, phone numbers, birth dates, and physical addresses. Ghostr said they were able to download 103 GB of data during the Fanzone breach, including the customer information of over 500,000 customers.

The threat actor also shared data samples, allowing BleepingComputer to confirm with numerous customers listed in the breach that their data was accurate and that they recently requested support or an RMA from Cooler Master. Other data in the samples included product information, employee information, and information regarding emails with vendors. The threat actor claimed to have partial credit card information, but BleepingComputer could not find this data in the data samples. The threat actor now says they will sell the leaked data on hacking forums but has not disclosed the price. Cooler Master said in a statement to BleepingComputer: "We can confirm on May 19, Cooler Master experienced a data breach involving unauthorized access to customer data. We immediately alerted the authorities, who are actively investigating the breach. Additionally, we have engaged top security experts to address the breach and implement new measures to prevent future incidents. These experts have successfully secured our systems and enhanced our overall security protocols. We are in the process of notifying affected customers directly and advising them on next steps. We are committed to providing timely updates and support to our customers throughout this process."

Framework, a company known for its modular laptops, has announced a fourth round of iterative updates and upgrade options for its Framework Laptop 13. The upgrades include motherboards and pre-built laptops featuring new Intel Meteor Lake Core Ultra processors with Intel Arc dedicated GPUs, lower prices for AMD Ryzen 7000 and 13th-gen Intel editions, and a new display with a higher resolution and refresh rate.

The Core Ultra boards come with three CPU options, with prices starting at $899 for a pre-built or DIY model. Upgrading from an older Intel Framework board requires an upgrade to DDR5 RAM, and Framework charges $40 for every 8GB of DDR5-5600, which is above market rates. The new 13.5-inch display has a resolution of 2880x1920, a 120 Hz refresh rate, and costs $130 more than the standard display.

Google Cloud faced a major setback earlier this month when it accidentally deleted the account of UniSuper, an Australian pension fund managing $135 billion in assets, causing a two-week outage for its 647,000 members. Google Cloud has since completed an internal review of the incident and published a blog post detailing the findings. ArsTechnica: Google has a "TL;DR" at the top of the post, and it sounds like a Google employee got an input wrong.

"During the initial deployment of a Google Cloud VMware Engine (GCVE) Private Cloud for the customer using an internal tool, there was an inadvertent misconfiguration of the GCVE service by Google operators due to leaving a parameter blank. This had the unintended and then unknown consequence of defaulting the customer's GCVE Private Cloud to a fixed term, with automatic deletion at the end of that period. The incident trigger and the downstream system behavior have both been corrected to ensure that this cannot happen again."

A widespread outage affecting over 600,000 routers connected to Windstream's Kinetic broadband service left customers without internet access for several days last October, according to a report by security firm Lumen Technologies' Black Lotus Labs. The incident, dubbed "Pumpkin Eclipse," is believed to be the result of a deliberate attack using commodity malware known as Chalubo to overwrite router firmware. Windstream, which has about 1.6 million subscribers in 18 states, has not provided an explanation for the outage. The company sent replacement routers to affected customers, many of whom reported significant financial losses due to the disruption. ArsTechnica adds: After learning of the mass router outage, Black Lotus began querying the Censys search engine for the affected router models. A one-week snapshot soon revealed that one specific ASN experienced a 49 percent drop in those models just as the reports began. This amounted to the disconnection of at least 179,000 ActionTec routers and more than 480,000 routers sold by Sagemcom. The constant connecting and disconnecting of routers to any ISP complicates the tracking process, because it's impossible to know if a disappearance is the result of the normal churn or something more complicated. Black Lotus said that a conservative estimate is that at least 600,000 of the disconnections it tracked were the result of Chaluba infecting the devices and, from there, permanently wiping the firmware they ran on. After identifying the ASN, Black Lotus discovered a complex multi-path infection mechanism for installing Chaluba on the routers.

Google has confirmed the authenticity of 2,500 leaked internal documents detailing the company's data collection practices. The documents offer insights into Google's closely guarded search ranking algorithm. However, Google cautioned against making inaccurate assumptions based on incomplete information. The Verge adds: The leaked material suggests that Google collects and potentially uses data that company representatives have said does not contribute to ranking webpages in Google Search, like clicks, Chrome user data, and more. The thousands of pages of documents act as a repository of information for Google employees, but it's not clear what pieces of data detailed are actually used to rank search content -- the information could be out of date, used strictly for training purposes, or collected but not used for Search specifically. The documents also do not reveal how different elements are weighted in search, if at all.

An anonymous reader quotes an op-ed from The Globe and Mail, written by Kate Robertson and Ron Deibert. Robertson is a senior research associate and Deibert is director at the University of Toronto's Citizen Lab. From the piece: A federal cybersecurity bill, slated to advance through Parliament soon, contains secretive, encryption-breaking powers that the government has been loath to talk about. And they threaten the online security of everyone in Canada. Bill C-26 empowers government officials to secretly order telecommunications companies to install backdoors inside encrypted elements in Canada's networks. This could include requiring telcos to alter the 5G encryption standards that protect mobile communications to facilitate government surveillance. The government's decision to push the proposed law forward without amending it to remove this encryption-breaking capability has set off alarm bells that these new powers are a feature, not a bug.

There are already many insecurities in today's networks, reaching down to the infrastructure layers of communication technology. The Signalling System No. 7, developed in 1975 to route phone calls, has become a major source of insecurity for cellphones. In 2017, the CBC demonstrated how hackers only needed a Canadian MP's cell number to intercept his movements, text messages and phone calls. Little has changed since: A 2023 Citizen Lab report details pervasive vulnerabilities at the heart of the world's mobile networks. So it makes no sense that the Canadian government would itself seek the ability to create more holes, rather than patching them. Yet it is pushing for potential new powers that would infect next-generation cybersecurity tools with old diseases.

It's not as if the government wasn't warned. Citizen Lab researchers presented the 2023 report's findings in parliamentary hearings on Bill C-26, and leaders and experts in civil society and in Canada's telecommunications industry warned that the bill must be narrowed to prevent its broad powers to compel technical changes from being used to compromise the "confidentiality, integrity, or availability" of telecommunication services. And yet, while government MPs maintained that their intent is not to expand surveillance capabilities, MPs pushed the bill out of committee without this critical amendment last month. In doing so, the government has set itself up to be the sole arbiter of when, and on what conditions, Canadians deserve security for their most confidential communications -- personal, business, religious, or otherwise. The new powers would only make people in Canada more vulnerable to malicious threats to the privacy and security of all network users, including Canada's most senior officials. [...] "Now, more than ever, there is no such thing as a safe backdoor," the authors write in closing. "A shortcut that provides a narrow advantage for the few at the expense of us all is no way to secure our complex digital ecosystem."

"Against this threat landscape, a pivot is crucial. Canada needs cybersecurity laws that explicitly recognize that uncompromised encryption is the backbone of cybersecurity, and it must be mandated and protected by all means possible."

The notorious hacker group ShinyHunters has claimed to have breached the security of Ticketmaster-Live Nation, compromising the personal data more than half a billion users. "This massive 1.3 terabytes of data, is now being offered for sale on Breach Forums for a one-time sale for $500,000," reports Hackread. From the report: ShinyHunters has allegedly accessed a treasure trove of sensitive user information, including full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data. Specifically, the compromised payment data includes customer names, the last four digits of card numbers, expiration dates, and even customer fraud details. The data breach, if confirmed, could have severe implications for the affected users, leading to potential identity theft, financial fraud, and further cyber attacks. The hacker group's bold move to put this data on sale goes on to show the growing menace of cybercrime and the increasing sophistication of these cyber adversaries.

An anonymous reader quotes a report from KrebsOnSecurity: The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later.

From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as "proxies" that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe -- but predominantly in the United States. 911 built its proxy network mainly by offering "free" virtual private networking (VPN) services. 911's VPN performed largely as advertised for the user -- allowing them to surf the web anonymously -- but it also quietly turned the user's computer into a traffic relay for paying 911 S5 customers. 911 S5's reliability and extremely low prices quickly made it one of the most popular services among denizens of the cybercrime underground, and the service became almost shorthand for connecting to that "last mile" of cybercrime. Namely, the ability to route one's malicious traffic through a computer that is geographically close to the consumer whose stolen credit card is about to be used, or whose bank account is about to be emptied.

In July 2022, KrebsOnSecurity published a deep dive into 911 S5, which found the people operating this business had a history of encouraging the installation of their proxy malware by any means available. That included paying affiliates to distribute their proxy software by secretly bundling it with other software. That story named Yunhe Wang from Beijing as the apparent owner or manager of the 911 S5 proxy service. In today's Treasury action, Mr. Wang was named as the primary administrator of the botnet that powered 911 S5. Update, May 29, 12:26 p.m. ET: The U.S. Department of Justice (DOJ) just announced they have arrested Wang in connection with the 911 S5 botnet. The DOJ says 911 S5 customers have stolen billions of dollars from financial institutions, credit card issuers, and federal lending programs. [...] The third man sanctioned is Yanni Zheng, a Chinese national the U.S. Treasury says acted as an attorney for Wang and his firm -- Spicy Code Company Limited -- and helped to launder proceeds from the business into real estate holdings. Spicy Code Company was also sanctioned, as well as Wang-controlled properties Tulip Biz Pattaya Group Company Limited, and Lily Suites Company Limited. "911 S5 customers allegedly targeted certain pandemic relief programs," a DOJ statement on the arrest reads. "For example, the United States estimates that 560,000 fraudulent unemployment insurance claims originated from compromised IP addresses, resulting in a confirmed fraudulent loss exceeding $5.9 billion. Additionally, in evaluating suspected fraud loss to the Economic Injury Disaster Loan (EIDL) program, the United States estimates that more than 47,000 EIDL applications originated from IP addresses compromised by 911 S5. Millions of dollars more were similarly identified by financial institutions in the United States as loss originating from IP addresses compromised by 911 S5."

"Jingping Liu assisted Yunhe Wang by laundering criminally derived proceeds through bank accounts held in her name that were then utilized to purchase luxury real estate properties for Yunhe Wang," the document continues. "These individuals leveraged their malicious botnet technology to compromise personal devices, enabling cybercriminals to fraudulently secure economic assistance intended for those in need and to terrorize our citizens with bomb threats."

IP core designer Arm announced its next-generation CPU and GPU designs for flagship smartphones: the Cortex-X925 CPU and Immortalis G925 GPU. Both are direct successors to the Cortex-X4 and Immortalis G720 that currently power MediaTek's Dimensity 9300 chip inside flagship smartphones like the Vivo X100 and X100 Pro and Oppo Find X7. From a report: Arm changed the naming convention for its Cortex-X CPU design to highlight what it says is a much faster CPU design. It claims the X925's single-core performance is 36 percent faster than the X4 (when measured in Geekbench). Arm says it increased the AI workload performance by 41 percent, time to token, with up to 3MB of private L2 cache. The Cortex-X925 brings a new generation of Cortex-A microarchitectures ("little" cores) with it, too: the Cortex-A725, which Arm says has 35 percent better performance efficiency than last-gen's A720 and a 15 percent more power-efficient Cortex-A520.

Arm's new Immortalis G925 GPU is its "most performant and efficient GPU" to date, it says. It's 37 percent faster on graphics applications compared to the last-gen G720, with improved ray-tracing performance with intricate objects by 52 percent and improved AI and ML workloads by 34 percent -- all while using 30 percent less power. For the first time, Arm will offer "optimized layouts" of its new CPU and GPU designs that it says will be easier for device makers to "drop" or implement into their own system on chip (SoC) layouts. Arm says this new physical implementation solution will help other companies get their devices to market faster, which, if true, means we could see more devices with Arm Cortex-X925 and / or Immortalis G925 than the few that shipped with its last-gen ones.

The term "auth" is ambiguous, often meaning either authentication (authn) or authorization (authz), which leads to confusion and poor system design. Instead, Nicole Tietz-Sokolskaya, a software engineer at AI market research platform Remesh, argues that the industry adopt the terms "login" for authentication and "permissions" for authorization, as these are clearer and help maintain distinct, appropriate abstractions for each concept. From their blog post: We should always use the most clear terms we have. Sometimes there's not a great option, but here, we have wonderfully clear terms. Those are "login" for authentication and "permissions" for authorization. Both are terms that will make sense with little explanation (in contrast to "authn" and "authz", which are confusing on first encounter) since almost everyone has logged into a system and has run into permissions issues. There are two ways to use "login" here: the noun and the verb form. The noun form is "login", which refers to the information you enter to gain access to the system. And the verb form is "log in", which refers to the action of entering your login to use the system. "Permissions" is just the noun form. To use a verb, you would use "check permissions." While this is long, it's also just... fine? It hasn't been an issue in my experience.

Both of these are abundantly clear even to our peers in disciplines outside software engineering. This to me makes it worth using them from a clarity perspective alone. But then we have the big benefit to abstractions, as well. When we call both by the same word, there's often an urge to combine them into a single module just by dint of the terminology. This isn't necessarily wrong -- there is certainly some merit to put them together, since permissions typically require a login. But it's not necessary, either, and our designs will be stronger if we don't make that assumption and instead make a reasoned choice.

The Internet Archive is "currently in its third day of warding off an intermittent DDoS cyber-attack," writes Chris Freeland, Director of Library Services at Internet Archive, in a blog post. While library staff stress that the archives are safe, access to its services are affected, including the Wayback Machine. From the post: Since the attacks began on Sunday, the DDoS intrusion has been launching tens of thousands of fake information requests per second. The source of the attack is unknown. "Thankfully the collections are safe, but we are sorry that the denial-of-service attack has knocked us offline intermittently during these last three days," explained Brewster Kahle, founder and digital librarian of the Internet Archive. "With the support from others and the hard work of staff we are hardening our defenses to provide more reliable access to our library. What is new is this attack has been sustained, impactful, targeted, adaptive, and importantly, mean." Cyber-attacks are increasingly frequent against libraries and other knowledge institutions, with the British Library, the Solano County Public Library (California), the Berlin Natural History Museum, and Ontario's London Public Library all being recent victims.

In addition to a wave of recent cyber-attacks, the Internet Archive is also being sued by the US book publishing and US recording industries associations, which are claiming copyright infringement and demanding combined damages of hundreds of millions of dollars and diminished services from all libraries. "If our patrons around the globe think this latest situation is upsetting, then they should be very worried about what the publishing and recording industries have in mind," added Kahle. "I think they are trying to destroy this library entirely and hobble all libraries everywhere. But just as we're resisting the DDoS attack, we appreciate all the support in pushing back on this unjust litigation against our library and others."

An anonymous reader quotes a report from Wired: Two years ago when "Michael," an owner of cryptocurrency, contacted Joe Grand to help recover access to about $2 million worth of bitcoin he stored in encrypted format on his computer, Grand turned him down. Michael, who is based in Europe and asked to remain anonymous, stored the cryptocurrency in a password-protected digital wallet. He generated a password using the RoboForm password manager and stored that password in a file encrypted with a tool called TrueCrypt. At some point, that file got corrupted and Michael lost access to the 20-character password he had generated to secure his 43.6 BTC (worth a total of about [...] $5,300, in 2013). Michael used the RoboForm password manager to generate the password but did not store it in his manager. He worried that someone would hack his computer and obtain the password. "At [that] time, I was really paranoid with my security," he laughs.

Grand is a famed hardware hacker who in 2022 helped another crypto wallet owner recover access to $2 million in cryptocurrencyhe thought he'd lost forever after forgetting the PIN to his Trezor wallet. Since then, dozens of people have contacted Grand to help them recover their treasure. But Grand, known by the hacker handle "Kingpin," turns down most of them, for various reasons. Grand is an electrical engineer who began hacking computing hardware at age 10 and in 2008 cohosted the Discovery Channel's Prototype This show. He now consults with companies that build complex digital systems to help them understand how hardware hackers like him might subvert their systems. He cracked the Trezor wallet in 2022 using complex hardware techniques that forced the USB-style wallet to reveal its password. But Michael stored his cryptocurrency in a software-based wallet, which meant none of Grand's hardware skills were relevant this time. [...] Michael contacted multiple people who specialize in cracking cryptography; they all told him "there's no chance" of retrieving his money. But last June he approached Grand again, hoping to convince him to help, and this time Grand agreed to give it a try, working with a friend named Bruno in Germany who also hacks digital wallets.

Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that version -- and subsequent versions until 2015 -- did indeed have a significant flaw that made the random number generator not so random. The RoboForm program unwisely tied the random passwords it generated to the date and time on the user's computer -- it determined the computer's date and time, and then generated passwords that were predictable. If you knew the date and time and other parameters, you could compute any password that would have been generated on a certain date and time in the past. [...] There was one problem: Michael couldn't remember when he created the password. According to the log on his software wallet, Michael moved bitcoin into his wallet for the first time on April 14, 2013. But he couldn't remember if he generated the password the same day or some time before or after this. So, looking at the parameters of other passwords he generated using RoboForm, Grand and Bruno configured RoboForm to generate 20-character passwords with upper- and lower-case letters, numbers, and eight special characters from March 1 to April 20, 2013. It failed to generate the right password. [...] Instead, they revealed that they had finally found the correct password -- no special characters. It was generated on May 15, 2013, at 4:10:40 pm GMT.

BrianFagioli writes: Canonical has officially released the optimized Ubuntu 24.04 image for the Milk-V Mars, a credit-card-sized RISC-V single board computer (SBC) developed by Shenzhen MilkV Technology Co., Ltd.

The Milk-V Mars is the world's first high-performance RISC-V SBC of its size. Powered by the StarFive JH7110 quad-core processor, the board is equipped with up to 8GB of LPDDR4 memory and supports various modern interfaces, including USB 3.0, HDMI 2.0 for 4K output, and Ethernet with PoE capabilities. It also offers comprehensive expansion options with M.2 E-Key and extensive MIPI CSI channels, making it an ideal choice for developers and tech enthusiasts.

An anonymous reader shares a report: Commercial dot-matrix printing was yet another arena in which the needs of Chinese character I/O were not accounted for. This is witnessed most clearly in the then-dominant configuration of printer heads -- specifically the 9-pin printer heads found in mass-manufactured dot-matrix printers during the 1970s. Using nine pins, these early dot-matrix printers were able to produce low-resolution Latin alphabet bitmaps with just one pass of the printer head. The choice of nine pins, in other words, was "tuned" to the needs of Latin alphabetic script.

These same printer heads were incapable of printing low-resolution Chinese character bitmaps using anything less than two full passes of the printer head, one below the other. Two-pass printing dramatically increased the time needed to print Chinese as compared to English, however, and introduced graphical inaccuracies, whether due to inconsistencies in the advancement of the platen or uneven ink registration (that is, characters with differing ink densities on their upper and lower halves).

Compounding these problems, Chinese characters printed in this way were twice the height of English words. This created comically distorted printouts in which English words appeared austere and economical, while Chinese characters appeared grotesquely oversized. Not only did this waste paper, but it left Chinese-language documents looking something like large-print children's books. When consumers in the Chinese-Japanese-Korean (CJK) world began to import Western-manufactured dot-matrix printers, then, they faced yet another facet of Latin alphabetic bias.

A hacker group called RansomHub said it was behind the cyberattack that hit the Christie's website just days before its marquee spring sales began, forcing the auction house to resort to alternatives to online bidding. From a report: In a post on the dark web on Monday, the group claimed that it had gained access to sensitive information about the world's wealthiest art collectors, posting only a few examples of names and birthdays. It was not immediately possible to verify RansomHub's claims, but several cybersecurity experts said they were a known ransomware operation and that the claim was plausible. Nor was it clear if the hackers had gained access to more sensitive information, including financial data and client addresses. The group said it would release the data, posting a countdown timer that would reach zero by the end of May.

At Christie's, a spokesman said in a statement, "Our investigations determined there was unauthorized access by a third party to parts of Christie's network." The spokesman, Edward Lewine, said that the investigations "also determined that the group behind the incident took some limited amount of personal data relating to some of our clients." He added, "There is no evidence that any financial or transactional records were compromised." Hackers said that Christie's failed to pay a ransom when one was demanded.