Russian cyber hackers who carried out ‘virtual heist’ on jewellers Graff make grovelling apology to the Saudis… But they’re not so scared of celebs
Cyber hackers who stole a vast trove of confidential information about the wealthy and famous clients of jewellers Graff have made a grovelling apology to royals in the Middle East whose details it leaked.
Conti, a Russian-based gang which carried out the audacious ‘virtual heist’, hurriedly removed 69,000 documents plundered from Graff after The Mail on Sunday revealed the theft last weekend.
Personal details about Graff’s clients, including Donald Trump, Oprah Winfrey and David Beckham, featured in documents posted on the ‘dark web’ – but so too did those of powerful people in Qatar, the UAE and Saudi Arabia.
They included Saudi Crown Prince Mohammad bin Salman, who is widely suspected of ordering the assassination of journalist Jamal Khashoggi – a critic of the Saudi regime – three years ago.
Graff’s client Saudi Crown Prince Mohammad bin Salman’s (pictured) personal details were leaked,= along with several public figures and celebrities on the ‘dark web’ by Conti, a Russian gang who did a ‘virtual heist’ (file image)
In an extraordinary ‘press release’, Conti pledged that ‘any information pertaining to members of Saudi Arabia, UAE and Qatar families will be deleted without any exposure and review.
‘Our team apologizes to His Royal Highness Prince Mohammed bin Salman and any other members of the Royal Families whose names were mentioned in the publication for any inconvenience’.
Praising The Mail on Sunday, Conti said: ‘Their analysis was done with the highest standards of reporting and uncovered things that we unfortunately missed.’
In an apparent effort to prevent revenge attacks, the hackers said only the 69,000 documents – representing one per cent of its total haul – had been leaked and that none of the stolen information ‘was sold on auctions or offered as samples, or revealed in any other capacity to any third party’.
Conti, which is thought to have made millions from blackmailing its victims, also promised ‘to implement a more rigid data review process’ but warned it planned to publish more stolen information that ‘will focus exclusively on US and EU citizens’.
In a rambling rant against the West, Conti’s statement went on: ‘Our goal is to publish as much of Graff’s information as possible regarding the financial declarations made by the US-UK-EU Neo-liberal plutocracy, which engages in obnoxiously expensive purchases when their nations are crumbling under the economic crisis, unemployment, and Covid.’
Personal details about Graff’s clients, including Donald Trump, Oprah Winfrey and David Beckham, featured in documents posted on the ‘dark web’ – but so too did those of powerful people in Qatar, the UAE and Saudi Arabia
The ‘press release’ ended: ‘Stay safe! Kind Regards, Conti Team.’
Cyber experts said Conti appeared worried about upsetting Middle East leaders, particularly the Crown Prince, who has reportedly ordered cyber attacks against enemies in the past and is an ally of Russian President Vladimir Putin.
Philip Ingram, a former colonel in British military intelligence, said: ‘This apology to the Saudis suggests there were some potentially serious repercussions about to be visited on the Conti gang. We may never know if and where any bodies turn up.’
Allan Liska, a researcher at cyber security firm Recorded Future, said: ‘Even ransomware groups are subject to political pressure. My guess is that they had a conversation with someone in the Kremlin who told them this was a bad idea.’
Cyber experts said Conti appeared worried about upsetting Middle East leaders, particularly the Crown Prince, who has reportedly ordered cyber attacks against enemies in the past and is an ally of Russian President Vladimir Putin (stock image)
But Brett Callow, from global cyber security firm Emsisoft, suggested the statement could be an attempt to throw investigators off the scent. ‘Their words may have no meaning at all or it could be an attempt at obfuscation,’ he said. ‘A number of analysts have assumed the apology is the result of pressure from the Russian government and that could be exactly what Conti wanted them to think.’
The MoS last week revealed that Conti had stolen a huge quantity of material including client lists, invoices, receipts and credit notes from Graff, the London-based high-society jewellers. Experts say further revelations could embarrass customers who, for example, have bought gifts for secret lovers.
The Information Commissioner’s Office, which can impose huge fines on companies that fail to keep customers’ data secure, is investigating, along with Scotland Yard.
Some 600 British customers, including Formula 1 heiress Tamara Ecclestone and former footballer Frank Lampard, featured on the initial leak by Conti. A Graff spokesman said: ‘We are working with law enforcement and the ICO while keeping affected clients informed of developments. Our clients are our priority. We take the protection of their privacy extremely seriously.’
Some 600 British customers, including Formula 1 heiress Tamara Ecclestone and former footballer Frank Lampard, featured on the initial leak by Conti