British multinational jeweler Graff Diamonds Corp. has filed a lawsuit against its insurer, The Travelers Companies, Inc. (Travelers), for failing to provide indemnity after it paid $7.5 million in Bitcoin to ransomware hackers.
Graff Sues Insurer Over $7.5M BTC Ransom Loss
According to a Bloomberg report on Wednesday, Graff’s security systems were exploited by the notorious Russian hacking gang Conti in September 2021. The breach allowed the group to access data belonging to “high-end” customers, including U.S. former President Donald Trump and the royal families in Saudi Arabia, UAE, and Qatar.
After the attack, Conti published 69,000 documents containing the private information of Graff’s clients while threatening to release more if the billion-dollar jewelry brand did not pay $15 million in Bitcoin.
In November 2021, Graff paid the gang 118 BTC (worth $7.5 million at the time), half of the amount initially requested. The company said it had to pay the ransom to protect its customers.
“The criminals threatened targeted publication of our customers’ private purchases. We were determined to take all possible steps to protect their interests and so negotiated a payment which successfully neutralized that threat,” a Graff spokesperson said.
After the incident, the company expected its insurer to cover the losses it incurred from the attack because it was an “insured risk.” However, Graff is yet to receive indemnity from Travelers.
“We are extremely frustrated and disappointed by Travelers’ attempt to avoid settlement of this insured risk. They have left us with no option but to bring these recovery proceedings at the High Court,” the jeweler said.
Bitcoin Ransomware Attack on the Rise
Meanwhile, Bitcoin ransomware attacks have become common over the past few years.
In May 2021, Elliptic, a blockchain security and analytics company, revealed that the infamous cybercriminal group DarkSide received $90 million in ransomware payments.
In June 2021, CryptoPotato reported that the United States department of the world’s largest meat producer, JBS S.A., was forced into paying $11 million in Bitcoin to hackers to prevent further ransomware attacks on its plants.
Featured Image Courtesy of The Graff