[BreachExchange] Russian hackers ‘steal details of Hollywood stars and billionaire tycoons’ in ‘virtual heist’ on jewellery firm

Terrell Byrd terrell.byrd at riskbasedsecurity.com
Mon Nov 1 10:41:42 EDT 2021


https://www.the-sun.com/news/3967760/russian-hackers-steal-hollywood-billionaire/

Cyber criminals have plundered the personal information of people including
Donald Trump, Oprah Winfrey, Tom Hanks and David Beckham during an online
raid at Graff.

And they've already leaked 69,000 confidential documents onto the dark web,
the Mail on Sunday reports.

Criminals from notorious Russian hacking gang Conti are suspected to be
behind the theft.

They're thought to be demanding tens of millions of pounds in ransom money.

Around 600 British customers are among the victims so far, including
Formula One heiress Tamara Ecclestone and former footballer Frank Lampard.

International superstars on the list include Hollywood actors Tom Hanks,
Samuel L Jackson and Alec Baldwin.

Two addresses for US chat show queen Oprah Winfrey and seven for Donald and
Melania Trump have been published.

David and Victoria Beckham and their son Brooklyn, as well as former
Topshop boss Sir Philip Green and his wife Lady Tina, are also customers,
it's been revealed.

Astonishingly, it's believed that the information already published on
11,000 of Graff's clients represents just one per cent of the files stolen.

Client lists, invoices, receipts and credit notes are among the files
stolen.

Philip Ingram, a former colonel in British military intelligence, told the
paper: "Given the profile of the customer database, this is absolutely
massive.

"This is going to bring the highest levels of international law enforcement
down on the gang, and that's going to give them a whole lot of headaches in
trying to get the ransom paid and then get away with it."

Experts think the gang will ask for their payment in untraceable
crypto-currency like Bitcoin, or even jewels.

HACKERS TARGET SUPER-WEALTHY

London-based Graff said it had informed those whose personal data may have
been accessed.

A spokesman for the Information Commissioner's Office (ICO), which can
impose fines of up to four per cent of company turnover, said: "We have
received a report from Graff Diamonds Ltd regarding a ransomware attack.

"We will be contacting the organisation to make further enquiries in
relation to the information that has been provided."

A spokesperson for Graff, which according to its latest accounts had
revenues of £450million in 2019, said: "Regrettably we, in common with a
number of other businesses, have recently been the target of a
sophisticated – though limited – cyber attack by professional and
determined criminals.

"We were alerted to their intrusive activity by our security systems,
allowing us to react swiftly and shut down our network. We notified, and
have been working with, the relevant law enforcement agencies and the ICO.

"We have informed those individuals whose personal data was affected and
have advised them on the appropriate steps to take."