Laurence Graff

Inside the great Graff diamond hack

Oprah Winfrey, Donald Trump, and Sheikh Mohammed Bin Salman have fallen victim to the data breach — but that could just be the tip of the iceberg...

Billionaires with a wedding anniversary coming up or an affair to apologise for could be forgiven for thinking that some expensive jewellery from Graff would do the trick. Perhaps monsieur would be interested in a Classic Butterfly Chandelier diamond necklace for £210,000? Or maybe he would prefer to buy madame a pair of Tilda’s Bow pear-shape diamond stud earrings for £265,000? Surely nothing says “I love you” or “Why won’t you take me back, I miss the kids” than Graff’s diamond-encrusted watch inspired by Cy Twombly  – a timepiece riffing on the American artist’s swirly paintings – that sells for £365,000?

Unfortunately for Graff – jeweller to the world’s one percent – it has been raided by hackers, who have started to leak files on their 11,000 clients onto the dark web. So far, the private documents that have been released describe the addresses for Oprah Winfrey and Donald Trump, who got engaged to Melania with a 10-carat Graff ring costing £1 million, and ten years later bought a 25-carat diamond ring for £2.8 million to celebrate a decade of married bliss. Other famous Graff clients, who by now will be frantically phoning their lawyers, include Tom Hanks, Samuel L Jackson, Sir Philip Green, Frank Lampard, Tamara Ecclestone and Beckhams David, Victoria, and Brooklyn. Diamonds are a girl’s best friend, but a team of Russian cybercriminals will be her worst enemy.

Conti, a ruthless hacker gang believed to be based near St Petersburg, is behind the attack and is said to be demanding a ransom to clean up the online mess it has caused. Conti has been linked to more than 400 hacks around the world, and is known by experts for its “double extortion approach”, where crooks demand money to fix the ransomware attack and threaten to publish confidential data if they are refused.

Its European targets include government bodies in Ireland and Scotland. A hack last year on the Scottish Environment Protection Agency saw 4,000 sensitive files – including staff emails complaining about “toxic” management – dumped onto the internet. Cybercrime observers have accused Conti of playing with lives for attacking healthcare providers, which in Ireland’s case led to patient appointments being canceled, X-ray equipment shutting down, and delays to Covid tests. A tech expert suggested that Conti gains access to computer networks through phishing scams – sending out scam emails to employees of an organisation in the hope that one hapless staffer will click on a hoax attachment and open a sluice gate for malware to gush into their IT systems. These types of hackers steal important files on their victim’s network then install malware and demand a fee to unfuck it.

To unlock this article, please subscribe. Benefits include:

  • 2 Magazines delivered to your door
  • Direct offers and benefits with luxury hotels, clubs, restaurants and handpicked brands
  • Invitations to a minimum of 4 member-only events each year
  • Paywalled content — access to exclusive online features only for members
  • 15% off selected brands online with Gentleman's Journal
  • Your own Clubhouse membership card to redeem all the perks
Clubhouse Membership

Clubhouse Membership

Buy Now

Further Reading