Billionaires with a wedding anniversary coming up or an affair to apologise for could be forgiven for thinking that some expensive jewellery from Graff would do the trick. Perhaps 

 would be interested in a Classic Butterfly Chandelier diamond necklace for £210,000? Or maybe he would prefer to buy 

 a pair of Tilda’s Bow pear-shape diamond stud earrings for £265,000? Surely nothing says “I love you” or “Why won’t you take me back, I miss the kids” than Graff’s diamond-encrusted watch inspired by Cy Twombly – a timepiece riffing on the American artist’s swirly paintings – that sells for £365,000?

Unfortunately for Graff – jeweller to the world’s one percent – it has been raided by hackers, who have started to leak files on their 11,000 clients onto the dark web. So far, the private documents that have been released describe the addresses for Oprah Winfrey and Donald Trump, who got engaged to Melania with a 10-carat Graff ring costing £1 million, and ten years later bought a 25-carat diamond ring for £2.8 million to celebrate a decade of married bliss. Other famous Graff clients, who by now will be frantically phoning their lawyers, include Tom Hanks, Samuel L Jackson, Sir Philip Green, Frank Lampard, Tamara Ecclestone and Beckhams David, Victoria, and Brooklyn. Diamonds are a girl’s best friend, but a team of Russian cybercriminals will be her worst enemy.

Conti, a ruthless hacker gang believed to be based near St Petersburg, is behind the attack and is said to be demanding a ransom to clean up the online mess it has caused. Conti has been linked to more than 400 hacks around the world, and is known by experts for its “double extortion approach”, where crooks demand money to fix the ransomware attack and threaten to publish confidential data if they are refused.

Its European targets include government bodies in Ireland and Scotland. A hack last year on the Scottish Environment Protection Agency saw 4,000 sensitive files – including staff emails complaining about “toxic” management – dumped onto the internet. Cybercrime observers have accused Conti of playing with lives for attacking healthcare providers, which in Ireland’s case led to patient appointments being canceled, X-ray equipment shutting down, and delays to Covid tests. A tech expert suggested that Conti gains access to computer networks through phishing scams – sending out scam emails to employees of an organisation in the hope that one hapless staffer will click on a hoax attachment and open a sluice gate for malware to gush into their IT systems. These types of hackers steal important files on their victim’s network then install malware and demand a fee to unfuck it.

Melania Trump in her $1 million Graff ring


Which is not what Graff, named after the billionaire octogenarian founder Laurence Graff, will have wanted to hear. Jewellers like to retain an element of discretion. Although Graff’s website boasts “The Most Fabulous Jewels in the World”, a lot of their rocks are accompanied by the three most devastatingly snooty words in the English language, the phrase that separates the serfs from the lords: “Price upon asking”. There must be a lot of clients on Graff’s books who sneakily bought watches and bangles in the name of dodgy lovers and beautiful deals, hoping their purchases would never become public knowledge. But now, thanks to the Conti hack, we know for instance that Hans Rausing, the food packaging tycoon, bought one set of ruby earrings and another of diamonds for a total of £118,000 in 2019.

It’s not just celebs and business magnates who have been exposed but also world leaders. Erbolat Dosaev, the former deputy prime minister of Kazakhstan, has been listed as a client, as was Mohammed bin Salman, the crown prince of Saudi Arabia, who shelled out for jewels at Graff’s Monacan store. Sheikh Mohammed bin Rashid Al Maktoum, the ruler of Dubai, is another client. And the names of other Gulf big shots like a prime minister of Bahrain and a former prime minister of Qatar have also appeared in the leaked files – but their purchases have not been described.

This all gives off the impression that Graff’s client roster may in fact be the guest list for a black tie gala hosted by Satan. Ghislaine Maxwell is named as a Graff client by the hack although as she awaits trial on charges of recruiting underage girls for Jeffrey Epstein, the dead paedophile financier, she probably has other things on her mind. Her purchases – if there were any – are not mentioned in the documents, but they did refer to her billing and shipping address in St Thomas in the US Virgin Islands, 10 kilometres from Little Saint James, Epstein’s property known as “Paedophile Island”.

This is all terrible publicity for Graff, which not so long ago was robbed IRL. In 2009, two con men hired a professional make-up artist to disguise them with latex prosthetics and wigs before stepping inside the Graff store on New Bond Street. Guns in their hands, the two men forced shop assistants to empty the display cabinets of 43 rings, bracelets, necklaces, and watches, making off with almost £40 million worth of gems. The heist was undone by a mobile phone left in a getaway car that led the police to uncover the robbers’ identity – but not before the jewels were sold on. It was the largest gems heist in Britain – an unpleasant record to hold – that Graff had set in 2003 when the Pink Panthers gang yanked £23 million from the same store. A bad decade for business.

If the hackers get their way, the latest raid on Graff could be just as financially damaging. Conti is demanding tens of millions in their ransomware attack, according to news reports. A rep for Graff says it has been able to rebuild and restart their systems without irretrievably losing any data. There is also the reputational damage from having client lists, invoices, receipts and credit notes leaked online. Although it could hardly be as bad as the Sony Pictures hack of 2014, believed to have been carried out by a North Korean team miffed at the release of 

, a movie that mocked Kim Jong-Un. The Guardians of Peace hacker group leaked the emails of Sony execs in which they joked that Angelina Jolie was a “minimally talented spoiled brat”.

It could take weeks of data leaks before Graff decides to pay the ransom. By that point, a lot more client info could be online – apparently only one percent of the hacked data has been published so far. “Step inside a Graff boutique and discover a magnificent display of natural wonders,” promises the jeweller’s website. If only that meant the stones, and not the clients.

The best private members' clubs in New York

Michael Wolff on what Rupert Murdoch really wants in life

Pavilion Knightsbridge: A stylish bolthole for the discerning businessman