British luxury jeweller Graff has filed a lawsuit against its insurer for refusing to cover a multi-million dollar ransom payment.
Graff paid $US7.5 million in cryptocurrency to a notorious Russian hacking syndicate, Conti, after the company was hacked using ransomware in September of 2021.
As a part of the extortion, the public leaking of confidential client information was threatened against Graff.
Graff’s lawsuit has been made against Travelers Companies Inc, stating that the ransom paid in cryptocurrency to the criminals should have been covered under its insurance policy.
A Graff spokesperson told Bloomberg, “We are extremely frustrated and disappointed by Travelers’ attempt to avoid settlement of this insured risk.”
As reported in Jeweller last year, the hackers reportedly stole high-profile identities from Graff and leaked personal and sensitive information on the ‘dark web’.
In a bizarre twist, the hackers released a statement of apology saying: “We found that our sample data was not properly reviewed before being uploaded to the blog” and it assured Saudi Arabia, UAE, and Qatar families whose names appeared on the leak that any information pertaining to the royal family members “will be deleted without any exposure and review.”
Cybersecurity experts said the unexpected response from the hackers could have been borne out of fear of possible repercussions for any customers on the list. The hacked files included invoices, client lists, receipts, and credit details of Graff clientele.