Some of the world's most famous figures may be sitting slightly uncomfortably today following a ransomware (opens in new tab) attack on luxury jeweler Graff.
UK-based Graff is notable for its collection of some of the most rare and expensive diamonds, which has helped make it one of the preferred jewelers of the rich and famous, with the likes of former President Donald Trump and soccer star David Beckham possibly affected.
According to the Daily Mail (opens in new tab), Graff was attacked by the Conti ransomware group, in a classic double-extortion attack where the attackers exfiltrated information before encrypting the jewelers' computers.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
>> Click here to start the survey in a new window (opens in new tab) <<
While Graff has acknowledged the cybersecurity (opens in new tab) incident, it hasn’t commented on the nature of the attack, nor revealed the identity of the perpetrators.
Back up from backup
The Daily Mail reports that Conti has already shared 69,000 confidential documents, including client lists, invoices, receipts and credit notes, on the dark web, as per the common tactic attackers employ as a means to back their claims about the attack.
Furthermore, Conti adds that the shared details concern about 11,000 of Graff’s customers, representing a mere 1% of their client base whose information it now claims to possess.
While there’s no information regarding Conti’s demand, the threat actor has supposedly asked for a ransom amounting to tens of millions of pounds.
Graff operates over 60 retail stores around the world, and counts some of the wealthiest people in the world as its clients.
The Information Commissioner's Office (ICO) said it was investigating the breach.
"We have received a report from Graff Diamonds Ltd regarding a ransomware attack. We will be contacting the organisation to make further enquiries in relation to the information that has been provided," an ICO representative told the Daily Mail.
A Graff spokesperson has however downplayed the incident, adding that it had been able to 'rebuild and restart our systems within days – crucially with no irretrievable loss of data'.
Businesses can minimize cyberthreats by using one of these best endpoint security tools (opens in new tab).