What Happened
In August 2025, Artists&Clients (artistsnclients.com), a US-based online marketplace connecting artists with clients for commissions, suffered a ransomware attack by the LunaLock group, discovered around August 30-31 and publicly claimed on September 2. The breach exposed approximately 95,351 accounts, including email addresses, usernames, IP addresses, bcrypt and SHA-1 password hashes, profile details (e.g., country, commission preferences), registration timestamps, messages, payment information, and artwork files, which were stolen, encrypted, and leaked on dark web forums like Breachsta.rs after a $50,000 Bitcoin or Monero ransom demand went unmet. LunaLock threatened to publicly release all data on a Tor site and submit the artwork to AI companies for training large language models, amplifying risks of phishing, credential stuffing, identity theft, and intellectual property misuse; the site displayed a ransom note before going offline, with no official company statement issued as of October 2025.
