Hackers have plundered the personal details of world leaders, Hollywood A-listers and billionaire tycoons in a massive 'virtual heist&...
Hackers have plundered the personal details of world leaders, Hollywood A-listers and billionaire tycoons in a massive 'virtual heist' on exclusive jewellery firm Graff, The Mail on Sunday can reveal.
The cyber criminals have already leaked 69,000 confidential documents on to the so-called 'dark web', including files relating to Donald Trump, Oprah Winfrey, David Beckham and Sir Philip Green.
And they are thought to be demanding tens of millions of pounds in ransom money to stop the release of further sensitive information.
The notorious Russian hacking gang Conti is behind the data theft and claims the information published, involving about 11,000 of Graff's well-heeled clients, represents just one per cent of the files it stole.
Documents including client lists, invoices, receipts and credit notes have been taken, and could prove embarrassing for customers who may, for example, have bought gifts for secret lovers or taken jewellery as bribes.
Russian hackers have plundered the personal details of world leaders, actors and personalities in a 'virtual heist' on exclusive jewellery firm Graff. Pictured: The list of victims is believed to include David Beckham
'Given the profile of the customer database, this is absolutely massive,' said Philip Ingram, a former colonel in British military intelligence.
'This is going to bring the highest levels of international law enforcement down on the gang, and that's going to give them a whole lot of headaches in trying to get the ransom paid and then get away with it.'
Cyber experts believe the extortionists will demand payment either in an untraceable cyber currency such as Bitcoin – or even in jewels.
Around 600 British customers are among the victims so far named, including Formula One heiress Tamara Ecclestone and former footballer Frank Lampard, who was previously pictured leaving Graff's flagship London store with his wife Christine Bleakley.
International superstars on the list include Hollywood actors Tom Hanks (pictured), Samuel L Jackson and Alec Baldwin, already troubled after accidentally shooting dead cinematographer Halyna Hutchins on the set of his latest film
Former Topshop boss Sir Philip Green (pictured) and his wife Lady Tina are listed as clients of Graff, which has a store in Monaco, where the family's £100 million superyacht Lionheart is moored
International superstars on the list include Hollywood actors Tom Hanks, Samuel L Jackson and Alec Baldwin, already troubled after accidentally shooting dead cinematographer Halyna Hutchins on the set of his latest film.
Singer Tony Bennett also features in the leak, while two addresses for US chat show queen Oprah Winfrey and seven for Donald and Melania Trump were published.
Conti, which is believed to be based near St Petersburg, released the first cache of customer information earlier this month on the dark web, a secretive part of the internet known as a haven for terrorists and criminals – who could potentially use the material for theft, extortion or blackmail.
The Information Commissioner's Office (ICO), which can impose multi-million pound fines on companies that fail to keep customers' data secure, said it was investigating the breach.
London-based Graff, which was founded by 83-year-old Laurence Graff, a self-styled 'King of Bling', said it had informed those whose personal data may have been accessed.
London-based Graff, which was founded by 83-year-old Laurence Graff, a self-styled 'King of Bling', said it had informed those whose personal data may have been accessed
But one well-known British millionaire named in the files as having bought a pair of yellow and white diamond earrings worth £237,000 in January last year said he had not been notified.
Separately, the documents show that Mr Beckham, his wife Victoria and their eldest son Brooklyn – who has posted images of jewellery bought for his actress fiance Nicola Peltz on social media – are Graff customers.
The documents also reveal that the charity Make A Wish Foundation UK spent £60,000 on a Princess Butterfly Watch in October 2019. The charity said the watch was purchased for a fundraising auction in 2019.
Former Topshop boss Sir Philip Green and his wife Lady Tina are listed as clients of Graff, which has a store in Monaco, where the family's £100 million superyacht Lionheart is moored. The New York address of Britain's wealthiest man Sir Len Blavatnik, also appears, as does that of financier George Soros.
The socialite Ghisaline Maxwell, who is awaiting trial on charges of recruiting underage girls for the late serial paedophile Jeffrey Epstein, is also listed.
The files do not state what, if anything, she bought, but it gives her then billing and shipping address as being in St Thomas in the US Virgin Islands, close to the island of Little Saint James, where Epstein abused some of his victims.
Erbolat Dosaev, a former deputy prime minister of Kazakhstan, was another customer. Saudi Crown Prince Mohammed bin Salman is listed as a Graff client in Monaco, as is Sheikh Mohammed bin Rashid Al Maktoum, the ruler of Dubai.
The prime minister of Bahrain, Salman bin Hamad Al Khalifa, and former prime minister of Qatar, Sheikh Bin Jabr Al Thani Hamad Bin Jassim, are also named.
Another document shows that the late Tetra Pak billionaire Hans Rausing bought a pair of ruby waterfall earrings for £89,000 and white diamond earrings for £29,000 in 2019.
Cyber experts said it was most likely that the hackers gained access to Graff's files by sending an email which duped a member of staff into opening a file containing a sophisticated 'ransomware' computer virus.
This would have given the hackers a 'back door' to steal the company's data, bypassing any anti-virus software or firewall.
Daria-Romana Pop, intelligence analyst for cyber threat firm Kela, said: 'After they deliver the ransomware note, the operators usually start leaking data to intimidate the victim.
'It starts with one per cent of the files to persuade the victim to pay the ransom and it may take from days to weeks to leak all the data, depending on the negotiation. In this specific attack, it took them one week to publish.
'Conti is also known for threatening to disclose attacks to the victims' clients, partners and other parties. Conti and other ransomware groups usually define the ransom depending on the size of the company and its revenue.
Conti's ransom demands start very high, about ten per cent of the victim's annual revenues.'
A spokesman for the ICO, which can impose fines of up to four per cent of company turnover, said: 'We have received a report from Graff Diamonds Ltd regarding a ransomware attack. We will be contacting the organisation to make further enquiries in relation to the information that has been provided.'
A spokesperson for Graff, which according to its latest accounts had revenues of £450 million in 2019, said: 'Regrettably we, in common with a number of other businesses, have recently been the target of a sophisticated – though limited – cyber attack by professional and determined criminals.
'We were alerted to their intrusive activity by our security systems, allowing us to react swiftly and shut down our network. We notified, and have been working with, the relevant law enforcement agencies and the ICO.
'We have informed those individuals whose personal data was affected and have advised them on the appropriate steps to take.'
The firm said it had been able to 'rebuild and restart our systems within days – crucially with no irretrievable loss of data'.
No comments