What Happened
In 2025, the Artists&Clients platform, a site connecting freelance artists with clients for art commissions, suffered a ransomware attack by the newly emerged LunaLock group, which stole and encrypted user data including databases, source code, digital artworks, usernames, email addresses, password hashes (bcrypt and SHA-1), display names, profile details, and registration info, affecting over 100,000 unique email records. The breach was detected in late August 2025 during Kaduu Cyber Threat Intelligence Team’s dark web monitoring and publicly posted on Breachsta.rs around September 1, with LunaLock demanding a $50,000 ransom on September 2, threatening to leak the data publicly and uniquely repurpose stolen artworks for AI training datasets if unpaid. Artists&Clients’ site went offline amid the incident, though the company issued no official statement by October 2025 beyond urging password resets via email; the data was validated against Have I Been Pwned, highlighting risks of credential-stuffing, phishing, and identity theft.
