Conti Ransomware Group Steals Confidential Documents from Multinational Jewellery Firm
Table of Contents
- By David Lukic
- Published: Nov 15, 2021
- Last Updated: Mar 18, 2022
Russian group Conti hacked confidential documents from multinational jewellery company Graff in an attempt to extort money. The notorious gang has sought a multi-million dollar ransom to avoid leaking sensitive information on the company's customers.
Conti, believed to be near St Petersburg, reportedly leaked 69,000 confidential documents on the dark web and released files that include Donald Trump, Oprah Winfrey and David Beckham. Important information such as customer details, invoices, receipts and credit notes have also been taken. The Information Commissioner's Office (ICO) said it was investigating the violation.
How did Conti hack Graff?
A compromised email containing a sophisticated ransomware computer virus was likely the culprit that allowed Conti access to Graff files, cyber experts say.
Daria-Romana Pop, an intelligence analyst for the cyber threat firm Kela said,
"after they deliver the ransomware note, the operators usually start leaking data to intimidate the victim."
According to him, the ransomware group demanded a ransom based on the size of the company and its revenues.
Who are the impacted customers?
Reports have shown that about 600 British customers were among the victims. Formula One heiress Tamara Ecclestone and former footballer Frank Lampard have been listed.
The list also includes Hollywood actors Tom Hanks, Samuel L Jackson and Alec Baldwin. Oprah Winfrey’s two addresses and seven of Donald and Melania Trump’s were also published, while documents also show the charity Make A Wish Foundation UK spent £60,000 on a Princess Butterfly Watch in October 2019.
The New York address of the wealthiest man in Britain, Sir Len Blavatnik, also appears, as does financier George Soros. Disgraced socialite Ghisaline Maxwell, Saudi Crown Prince Mohammed bin Salman, Dubai ruler Sheikh Mohammed bin Rashid Al Maktoum, prime minister of Bahrain Salman bin Hamad Al Khalifa, and former prime minister of Qatar Sheikh Bin Jabr Al Thani Hamad Bin Jassim are also listed.
How is Graff responding?
Graff has informed those whose personal data may have been stolen and informed them of the measures they are taking.
"Regrettably, we, in common with a number of other businesses, have recently been the target of a sophisticated – though limited – cyber attack by professional and determined criminals,”
said a Graff spokesperson.
“We were alerted to their intrusive activity by our security systems, allowing us to react swiftly and shut down our network. We notified, and have been working with, the relevant law enforcement agencies and the ICO."
What Cyber Attacks are Conti Responsible for?
In May 2021, the FBI linked Conti to at least 16 attacks in the United States. The targets identified include 911 dispatchers, law enforcement agencies, and emergency medical care.
The FBI's flash advisory says Conti has been linked to at least 400 cyberattacks against organizations worldwide, and 290 are located in the US.
Who does Ransomware Affect?
Ransomware attacks have been going on for years. Private individuals and businesses can be affected, which can lead to permanent loss of sensitive information and financial losses.
In 2020 alone, companies in the United States lost almost 21 billion US dollars due to ransomware attacks, according to technology website Comparitech. Compared to 2019, the number of reported ransomware attacks increased by 245%. The attacks also led to over 7 million individual records stolen, an almost 800% increase compared to previous years.
Comparitech also noted that cybercriminals previously targeted educational institutions and government agencies, but in 2020 shifted their focus to businesses and health organizations.
