Graff, a London-based luxury jewelry company, has been the target of a ransomware attack by the infamous Conti gang, which is thought to be based in Russia.
The hack was first revealed by the Mail on Sunday, which reported that Conti operatives obtained client information from Graff computer systems and exposed 69,000 files on the dark web over the last week, containing information on 11,000 customers.
According to reports obtained by GlamSquad Magazine, hackers have demanded tens of millions of pounds from the company to prevent additional disclosures.
Conti is said to have exposed the personal information of Donald Trump, David Beckham, Oprah Winfrey, Sir Philip Green, former footballer Frank Lampard, Formula One heiress Tamara Ecclestone, Hollywood actors Samuel L Jackson, Tom Hanks, and Alec Baldwin, and musician Tony Bennett.
Salman bin Hamad Al Khalifa, the Prime Minister of Bahrain, Sheikh Mohammed bin Rashid Al Maktoum, the Prime Minister of the United Arab Emirates, and Saudi Crown Prince Mohammed bin Salman were also mentioned.
According to the report, the disclosed files include client lists, credit information, invoices, and receipts, and they could be embarrassing for some people “who may, for example, have purchased gifts.”
Graff admitted the hack in a statement to Sky News, claiming the company was the victim of a “sophisticated – though limited – cyber attack” perpetrated by “professional criminals.”
The firm’s computers and network were instantly shut down when intrusive behavior was identified by the IT security system, according to the report.
Graff stated that it has notified all individuals whose personal information was compromised as a result of the breach.
The Information Commissioner’s Office (ICO) and other appropriate law enforcement authorities have been contacted, and the breach is currently being investigated.
A spokeswoman for the ICO said, “We have received a report from Graff Diamonds Ltd alleging a ransomware incident.”
“We will be contacting the organization to inquire further about the information that has been provided.”
Ransomware attacks have increased dramatically in recent months, with Russia frequently being accused.
Olympus, a Japanese computer company, was apparently hit by ransomware in September, affecting its business units in Europe, the Middle East, and Africa (EMEA).
After cyber criminals seized widely used software from Florida-based IT firm Kaseya earlier in July, at least 200 organizations were hit by a ransomware attack.
Colonial Pipeline, a US petroleum distributor, was hit by a large ransomware attack in May, crippling fuel distribution in southeastern US states.
“This latest attack starkly highlights how the simplest actions may have the largest implications,” Oz Alashe, CEO and founder of behavioural security platform CybSafe, said.
Graff’s attack is thought to have started with a malicious link in an email, with one erroneous click resulting in the exposure of hundreds of people’s personal information and a hefty price tag for the premium brand.
“When such breaches occur, it’s tempting to play the blame game, but this is counter-intuitive and rarely results in true behavioral change.”
“No one is totally perfect when it comes to cyber security, but corporations can considerably improve their odds by eschewing a one-size-fits-all strategy and embracing the unique methods of each individual.”