Articles and News
Hackers Apologize For Graff Ransomware Attack That Included Oprah Winfrey And Donald Trump; Promise To Be Better Criminals In Future | November 08, 2021 (0 comments)
London, UK—In an unusual mea culpa, the ransomware gang calling itself “Conti” has apologized—sort of—for hacking into luxury jeweler Graff’s database last month and putting the information on the dark web. Top image: Global luxury jeweler Laurence Graff in front of one of his vaults.
The Russian-based Conti is not sorry for hacking the jeweler, or planting the ransomware in his system, or for releasing confidential customer information, but they are apologizing for doing a poor proofreading job before publishing the stolen data. As it turns out, some of the customers impacted include members of the royal families of the United Arab Emirates, Qatar, and Saudi Arabia, who are, shall we say, a wee bit peeved. The Daily Mail reports one of the victims was Saudi Crown Prince Mohammad bin Salman, who is widely suspected of ordering the assassination of journalist Jamal Khashoggi three years ago.
National Jeweler reported the Graff breach last week. “For most people involved in the Graff data breach, it included details like their name and potentially their home address—which can be retrieved in the public domain from other sources– rather than any other confidential details that would put them at risk of identity theft,” said the NJ article, and a Graff spokesperson told the magazine the activity was detected quickly and the jeweler informed the small group of individuals whose data was compromised.
Although NJ reported the compromised data—such as addresses—was mainly available from other public sources, the Daily Mail said it also included client lists, invoices, receipts and credit notes, and possibly revelations that could embarrass customers who might have bought gifts for secret lovers.
Enter the strange mea culpa. An article on TheDigitalHacker showed a screenshot of the Conti semi-apology statement, which pledged not to release any information about any of the Middle Eastern countries’ royal families. Everyone else, however, is fair game, it seems—including the likes of David Beckham, Oprah Winfrey, and Donald Trump.
In its statement, Conti—which is believed to have made millions from its various ransomware attacks—pledged to implement “a more rigid data review process” for future hacks. It also claims it hadn't yet auctioned or sold the data, but it clearly has a huge dislike of rich Westerners.
“Our goal is to publish as much of Graff's information as possible regarding the financial declarations made by the US-UK-EU Neo-liberal plutocracy, which engages in obnoxiously expensive purchases when their nations are crumbling under the economic crisis, unemployment, and COVID,” says the statement, below.
The Digital Hacker posted a screenshot of the Conti statement.
Meanwhile, the Daily Mail interviewed several cyber security experts, who said Conti appears to be worried about potential revenge from the Middle East leaders, especially bin Salman, the Saudi Crown Prince. From the article:
Philip Ingram, a former colonel in British military intelligence, said: 'This apology to the Saudis suggests there were some potentially serious repercussions about to be visited on the Conti gang. We may never know if and where any bodies turn up.'
Allan Liska, a researcher at cyber security firm Recorded Future, said: 'Even ransomware groups are subject to political pressure. My guess is that they had a conversation with someone in the Kremlin who told them this was a bad idea.'