Sotheby's Data Breach Lawsuit Investigation
File Your Claim Now

Dapeer Law, P.A., a top-rated class action law firm, is investigating the Sotheby's data breach. If you received notice that your information was exposed during this breach, you may be entitled to compensation. It's free to join our investigation to see if we can help you recover.

Sotheby's Data Breach Lawsuit Investigation

On October 15, 2025, Sotheby’s began notifying individuals that an unauthorized actor removed certain data from its systems. The confidential records review confirmed personal information was exposed. If you received a breach letter, you may be entitled to compensation and complimentary identity-protection services.

Received a notice? Complete the confidential form on this page for a free case evaluation.
Download Official Breach Notice (PDF)

Key Details of the Sotheby's Cybersecurity Incident

  • Date breach discovered: July 24, 2025
  • Data review completed: September 24, 2025
  • Consumer notification mailed: October 15, 2025
  • Affected information: Sotheby’s letter states “personal information relating to you” was identified (exact categories not disclosed in the public filing).
  • Regulatory filing: Breach reported to the Maine Attorney General on October 15, 2025.
  • Identity-protection offer: Complimentary credit monitoring and identity-protection services through TransUnion (enrollment required).

What Happened

According to Sotheby’s regulatory submission, the company detected that certain data “appeared to have been removed” from its environment on July 24 after activity by an unknown actor. Sotheby’s immediately launched an investigation, implemented containment measures, and engaged in an extensive review to determine the scope of information affected. The review was finalized on or around September 24, 2025.

Information Involved

The notice indicates the investigation confirmed personal information tied to each letter recipient. The exact data elements were not specified in the publicly available filing, but the company advised potentially impacted individuals to stay vigilant for identity-theft warning signs.

Sotheby's Response Measures

  • Isolated and assessed affected systems.
  • Worked with federal law-enforcement agencies.
  • Notified appropriate regulators.
  • Maintains layered security controls, strict access management, secure connections, and advanced threat protection.
  • Offers complimentary TransUnion credit-monitoring and identity-protection services to notified individuals.

Steps You Can Take Now

  1. Activate the TransUnion services detailed in your letter to access credit monitoring, identity-theft insurance, and restoration assistance.
  2. Review bank, credit-card, and brokerage statements for unfamiliar charges or transfers.
  3. Obtain free credit reports from Equifax, Experian, and TransUnion and dispute any inaccuracies.
  4. Consider placing a fraud alert or security freeze with each credit bureau to restrict unauthorized accounts.
  5. Document any out-of-pocket losses related to identity theft; this information may strengthen any future legal claim.

Legal Options & How We Help

If your personal information was compromised, you could be entitled to monetary relief for time spent monitoring accounts, reimbursement for fraud losses, and other damages. Our data-privacy attorneys are investigating potential claims on behalf of Sotheby’s breach victims nationwide. Consultations are free, and there are no out-of-pocket fees unless we recover for you.

Act quickly—statutory deadlines apply. Submit your free claim review today.

Company Overview

  • Website: sothebys.com
  • Headquarters: 1334 York Avenue, New York City, New York, United States
  • Industry: Fine arts & rare objects
  • Year founded: 1744
  • Parent entity: Patrick Drahi
  • Employees: 1,713
  • Stock ticker prior to privatization: BID (NYSE)
  • Social profiles:

Frequently Asked Questions

How did the Sotheby's data breach occur?

Sotheby’s reported that an unauthorized actor removed certain data from its environment on July 24, 2025. The company has not publicly disclosed the specific attack vector.

What personal data was exposed in the Sotheby's breach?

The notice confirms “personal information relating to you” was involved; exact data points were not listed in the Maine filing. Review your notification letter for the full details.

Is Sotheby's offering free credit monitoring?

Yes. Sotheby’s is providing complimentary TransUnion credit-monitoring and identity-protection services. Follow the enrollment instructions in your mailed notice.

Can I file a lawsuit against Sotheby's for the data breach?

Potentially. Victims may seek compensation for identity-theft risks, time spent addressing the breach, and out-of-pocket losses. Contact our legal team for a free evaluation.

What is the deadline to join the Sotheby's data breach lawsuit?

Deadlines vary by state consumer-protection laws. Acting promptly preserves your rights; submit your claim review as soon as possible.

Attorney Advertising. Prior results do not guarantee a similar outcome.

File Your Claim Now