Hackers have taken the personal details of world leaders and Hollywood A-listers in a huge ‘virtual theft’ on Graff, The Mail on Saturday can reveal.

Cyber criminals have already leaked 69,000 confidential documents to the so-called “dark web”, including files relating Donald Trump, Oprah Winfrey and David Beckham.

They are also believed to be demanding ransom money in excess of tens to millions of pounds to stop the release or further sensitive information.

Conti, a notorious Russian hacking gang is behind the data theft. Graff claims that the information published, involving approximately 11,000 of Graff’s wealthy clients, is just one percent of the files it stole.

Customers who have taken documents including client lists, invoices receipts and credit notes could be embarrassed by the fact that they may have purchased gifts for secret lovers or received jewellery as bribes.

Russian hackers have plundered the personal details of world leaders, actors and personalities in a 'virtual heist' on exclusive jewellery firm Graff. Pictured: The list of victims is believed to include David Beckham

Russian hackers have plundered the personal details of world leaders, actors and personalities in a ‘virtual heist’ on exclusive jewellery firm Graff. Pictured: David Beckham is thought to be on the list of victims.

Philip Ingram, a former colonel in British Military Intelligence, said, “Given the profile the customer database, it is absolutely massive.”

“This is going be the highest level of international law enforcement coming down on the band, and that’s going give them a lot more headaches in trying get the ransom payment and then get away.

Cyber experts believe the extortionists will demand payment either in an untraceable cyber currency such as Bitcoin – or even in jewels.

Around 600 British customers have been named as victims, including Tamara Ecclestone, Formula One heiress, and Frank Lampard, former footballer. Frank Lampard was previously seen leaving Graff’s flagship London shop with Christine Bleakley.

The list includes Hollywood stars Alec Baldwin, Samuel L Jackson, and Tom Hanks. Alec Baldwin is already in trouble after accidentally shooting dead cinematographer Halyna Utchins on set of his latest movie.

The leak also features Tony Bennett, a singer. Two addresses for Oprah Winfrey, the US chat show queen, and seven addresses for Donald and Melania were also published.

International superstars on the list include Hollywood actors Tom Hanks (pictured), Samuel L Jackson and Alec Baldwin, already troubled after accidentally shooting dead cinematographer Halyna Hutchins on the set of his latest film

The list includes international superstars Alec Baldwin, Samuel L Jackson, and Tom Hanks, Hollywood actors who were already in trouble after accidentally shooting dead cinematographer Halyna Utchins on the set for his latest film

Conti, which is believed to be based near St Petersburg, released the first cache of customer information earlier this month on the dark web, a secretive part of the internet known as a haven for terrorists and criminals – who could potentially use the material for theft, extortion or blackmail.

The Information Commissioner’s Office, which can impose multimillion pound fines to companies that fail secure customers’ data, stated it was investigating the breach.

Graff, a London-based company founded by Laurence Graff, an 83-year old self-described ‘King Of Bling’, stated that it had informed any individuals whose personal information may have been accessed.

But one well-known British millionaire named in the files as having bought a pair of yellow and white diamond earrings worth £237,000 in January last year said he had not been notified.

King of Bling was the victim in the UK’s largest unsolved theft of diamonds

By Molly Clayton

The Conti cyber hack isn’t the first time that the jewellery empire Laurence Graff founded at 18 years old has been attacked by hardened criminals.

Two men in sharply tailored suits entered Graff Diamonds’ Mayfair branch, pulled out their guns, and threatened staff members.

Before being taken hostage, a female shop assistant was forced into emptying the display cabinets.

The raiders freed her in the street, firing a shot into the air and escaping in a BMW with a haul of 43 rings, bracelets, necklaces and watches, valued at nearly £40 million.

The robbers also left behind a mobile telephone as they were escaping from cars. The numbers on it led to the culprits. They had spent four hours disguised by a professional makeup artist, believing it was for a music clip.

Five men were each sentenced to prison for their participation in the raid. However, none of the stolen jewellery in Britain’s largest unsolved gems fraud was ever recovered.

Almost three decades earlier, in September 1980, the 45-carat Marlborough diamond – worth more than £2 million at today’s prices – was stolen from a Graff store in Knightsbridge.

The two robbers were believed to be members the Chicago Mafia. However, the diamond that once belonged to the wife the Duke of Marlborough, a relative of Winston Churchill was never recovered. They are believed to have taken their haul to New York as they were returning home.

Now worth £2.9 billion, Laurence Graff, 83, started as an apprentice in the diamond district of Hatton Garden, London. The East End boy, 15, scrubbed floors and cleaned the toilets while he took classes at the Central School of Arts and Crafts. He was told that he would “never make it to the grade”.

Graff was determined to prove his teachers wrong and began selling his own designs in 60. He opened two London boutiques two year later. Today, there are over 60 worldwide. Former US President Donald Trump bought his wife Melania’s £1 million, 15-carat emerald cut diamond engagement ring from Graff, adding a Graff 25-carat ring worth £2.8 million for their tenth anniversary.

The Mail on Sunday published in October 2009 that Graff had given birth to a child with 34-year-old ex-employee. He divorced Anne Marie but they decided to remain together just minutes before their court hearing.

The couple have two sons – Francois, 56, chief executive of his father’s business empire, and Stephane, 55, a successful artist – as well as a daughter, Kristelle, 41.

Separately, the documents show that Mr Beckham, his wife Victoria and their eldest son Brooklyn – who has posted images of jewellery bought for his actress fiance Nicola Peltz on social media – are Graff customers.

The documents also reveal that the charity Make A Wish Foundation UK spent £60,000 on a Princess Butterfly Watch in October 2019. The charity did not respond when asked about the item, its purchase and why it was bought.

Former Topshop boss Sir Philip Green and his wife Lady Tina are listed as clients of Graff, which has a store in Monaco, where the family’s £100 million superyacht Lionheart is moored. The New York address of Sir Len Blavatnik (Britain’s richest man), as well as that of George Soros, a financier, are also listed.

Ghisaline Maxwell, a socialite, is also listed. She is being tried for recruiting underage girls for Jeffrey Epstein.

Although the files don’t list what she bought, it does give her the billing and shipping address. She is close to Little Saint James, which Epstein used to abuse some of his victims.

Another customer was Erbolat Dusev, a former deputy prime minster of Kazakhstan. The Graff client in Monaco is the Saudi Crown Prince Mohammed bin Salman. Sheikh Mohammed bin Rashid Al Maktoum is the ruler of Dubai.

Named also are Salman bin Hamad Al Alkhalifa, the prime Minister of Bahrain, and Sheikh Bin Jabr Al Thani Hamad Bin Jassim Al Prime Minister of Qatar.

Another document shows that the late Tetra Pak billionaire Hans Rausing bought a pair of ruby waterfall earrings for £89,000 and white diamond earrings for £29,000 in 2019.

Cyber experts believed it most likely that Graff’s files were gained by hackers through an email. The email tricked a member of staff into opening a file with a sophisticated ‘ransomware’ computer virus.

This would have provided hackers with a way to bypass any anti-virus software and firewalls, and allow them to steal company data.

Daria-Romana Pop is an intelligence analyst at cyber threat firm Kela. She said that once they have delivered the ransomware note, operators often start leaking data to intimidate victims.

“It starts with one percent of the files to persuade a victim to pay the ransom. It may take days to weeks to leak all data depending on the negotiation. They took one week to publish this particular attack.

‘Conti’ is also known for threatening victims’ clients, partners, or other parties with attacks. Conti and other ransomware group usually determine the ransom according to the company’s size and its revenue.

Conti’s ransom demands are very high. They can be as high as ten percent of the victim’s annual income.

A spokesman for ICO said that they had received a report from Graff Diamonds Ltd about a ransomware attack. We will contact the organization to further inquire about the information.

A spokesperson for Graff, which according to its latest accounts had revenues of £450 million in 2019, said: ‘Regrettably we, in common with a number of other businesses, have recently been the target of a sophisticated – though limited – cyber attack by professional and determined criminals.

“We were alerted by our security systems to their intrusive activities, which allowed us to quickly react and shut down our network. We notified and have been working closely with the ICO as well as the relevant law enforcement agencies.

“We have informed the affected individuals and advised them on what to do.

The firm said it had been able to ‘rebuild and restart our systems within days – crucially with no irretrievable loss of data’.

Additional reporting: Molly Clayton, Jonathan Bucks

Russian cyber crooks are FBI’s most wanted 

ByJonathan Bucks for The Mail On Sunday 

The notorious Conti gang, a group of cyber hackers, has claimed responsibility for the egregious ‘virtual theft’.

The Russian-based group had previously penetrated the security systems of more than 400 organizations, including the Irish Republic Government agencies.

Last year, the Scottish Environment Protection Agency was victim to one the most destructive hacks of the group.

More than 4,000 files of the agency were leaked onto Internet. This included sensitive operational material and embarrassing staff emails complaining at the quango’s toxic’ management.

The files were released when the agency refused to pay a ransom, but the affair is thought to have cost it about £800,000.

The documents show that Mr Beckham, his wife Victoria and their eldest son Brooklyn – who has posted images of jewellery bought for his actress fiance Nicola Peltz (pictured together) on social media – are Graff customers

The documents show that Mr Beckham, his wife Victoria and their eldest son Brooklyn – who has posted images of jewellery bought for his actress fiance Nicola Peltz (pictured together) on social media – are Graff customers

Conti infiltrated Irish Health Service in May. This disrupted Covid-19 testing, and caused cancellations of patient appointments.

However, the Graff raid could be the biggest ‘diamond’ heist of all time – without a single stone being touched. Reams of personal information, including the home addresses of wealthy and famous Graff clients, have been poured out on the ‘dark web’ – with the threat of much more to follow if the gang is not paid.

These cyber crimes generate large sums of money that can be used to fund lavish lifestyles.

Maksim Yakubets is the 34-year old alleged head of Evil Corp hacking group and tops the FBI’s Cyber Most Wanted List. He drives a camouflage Lamborghini, and is married the daughter of a senior officer in the FSB (Russian security service).

Conti, like many ransomware groups, operates by sending a fake – or ‘phishing’ – email containing a link or attachment that installs a virus into the target’s computer network. This allows access to data systems for several weeks, or even months, before a ransom demand can be made.

Around 600 British customers are among the victims so far named, including Formula One heiress Tamara Ecclestone and former footballer Frank Lampard, who was previously pictured leaving Graff's flagship London store with his wife Christine Bleakley

Around 600 British customers have been named as victims, including Tamara Ecclestone, Formula One heiress, and Frank Lampard, former footballer. Frank Lampard was previously seen leaving Graff’s flagship London shop with his wife Christine Bleakley.

Experts believe the Conti ransomware virus was created by Wizard Spider, a group located in St Petersburg, Russia. This group has been linked to possible foreign spying activities.

Another notorious hacking group, Ryuk, is believed to be led by Wizard Spider.

Conti targets the organisations that Conti believes will pay a large ransom, and they hope they are most willing to do so.

Graff is not believed to be negotiating with hackers.

Cybercrime is becoming more common. The Information Commissioner’s Office issued a record £42 million in fines last year.

These included a £20 million penalty for British Airways, after the personal data of almost 430,000 customers and staff was accessed, and an £18.4 million fine for hotel chain Marriott after 339 million guest records were taken.