
Conti virus steals details of Graff's Hollywood celebrity clients

Severe ransomware attack hits the millionaire jewelers' firm

Published: November 1, 2021 By Ozair Malik

Tom Hanks and his wife, Rita Wilson, and David Beckham and his wife, Victoria Beckham, are known clients of Graff

Image source – thetimes.co.uk

Trump, the Beckhams, and the World's Elite Fall Victim to the Attack

The British multinational jewelry company Graff has fallen victim to a major ransomware attack, leaving its customers with their details stolen by the Russian cybercriminal gang Conti, which hacked into Graff's systems.

It is to be noted that Graff operates at the top end of the diamond jewelry market, with more than 60 stores around the globe.

Amid the uproar over Conti's ransomware attack on Graff, 69,000 files on A-list clients from all over the world have been leaked, including:

  • Donald Trump
  • Oprah Winfrey
  • David Beckham
  • Sir Philip Green
  • Formula One heiress Tamara Ecclestone
  • Former footballer Frank Lampard
  • Actors Tom Hanks, Samuel L Jackson, and Alec Baldwin
  • Singer Tony Bennett and others.

Leaks of the Virtual Heist

The 69,000 leaked files mainly include:

  • Confidential documents
  • Invoices
  • Receipts

Bear in mind that the impact of this ransomware attack falls more on the customers' privacy than on the leaked information about the jewelry purchased: the purchases may defame some of the customers, sparking rumors about who's dating who, extramarital affairs, etc.

If Graff refuses to pay Conti's ransom demand, the breach and the leaked information may lead to its customers being blackmailed for the above reason.

Despite demanding a multi-million ransom, the Conti gang did not shy away from leaking the details of about 11,000 of Graff's customers, including world leaders, actors, and tycoons.

Russian Hacking Group Conti Held Responsible

According to reports, the data theft was carried out by the Russian ransomware gang Conti, based near St Petersburg, which leaked confidential documents on the dark web.

With the surge in hacking and ransomware attacks in recent years, Russia has always been blamed.

This has given rise to diplomatic tension between Joe Biden and Vladimir Putin, the Presidents of the US and Russia, debating whether Russia has become a haven for cybercriminals.

We were made aware of their intrusion by our security systems, giving us leverage to react swiftly and shut down our network. We have notified, and are working with, the relevant law enforcement agencies and the ICO.

The company said.

Extortionists Demanding Ransom

Conti further demands millions of pounds in exchange for not releasing more of Graff's customer data than it already has; the data released so far is known to represent 1% of the stolen files.

Regrettably, we, in common with several other businesses, have recently been the target of a sophisticated – though limited – cyber-attack by professional and determined criminals,

said Graff

Conti RaaS

In August 2020, the Russian cyber gang launched its leak site to threaten victims with the release of their stolen data. The Federal Bureau of Investigation revealed that the Conti ransomware gang had hit almost 16 healthcare and first-responder organizations in May 2021.

This gang is known to be one of the most active and aggressive ransomware groups.

The Conti operators offer 20-30% of every ransomware payment to maintain their services to their affiliates.

Recovery of Graff

With an ongoing investigation by the Information Commissioner's Office (ICO), which can impose multi-million-pound fines on companies that fail to keep their customers' sensitive information safe, London-based Graff is seen to be in a tough spot.

The firm is known to have notified the British authorities and the ICO, and has further declared that its systems will be recovered within days.

However, Graff believes the vast majority of customers, fortunately, did not suffer any personal data breach other than their names and addresses, and nothing that would put them at risk of identity theft.

Author
Ozair Malik
A passionate Cyber Security researcher and writer with a keen interest in Digital Forensics. A community worker running an Insta blog to raise cybersecurity awareness among laymen.
