Gemological Institute of America (GIA) has released the list of client accounts at the heart of a hacking scandal.
The move comes after Indian police arrested two former employees of the company contracted to support GIA’s database, Tata Consultancy Services (TCS).
According to GIA, Indian police investigating the hacking of its grading information made the arrest mere days after the institute announced the data breach, which had been done remotely.
The list, which can be seen here, includes the number and issue date of the invalidated reports and the shape and weight of each diamond. It does not include colour or clarity grades, as those may have been altered. GIA says these client accounts have been suspended from further submissions while the investigation continues.
Anyone in possession of the diamonds and grading reports is asked to return them to GIA for examination at no charge.
According to GIA, discrepancies in grading information were identified by internal controls, which spurred an investigation in conjunction with TCS. It is alleged the former employees were directed by other parties to gain unauthorized remote access to alter grades before reports were printed and sent to clients.
The institute says most of the diamonds were submitted in India between November 2014 and September 2015, while approximately 900 were sent for grading in July and August. Many were graded in full or in part at other GIA locations, including Carlsbad and New York. Some stones were sent directly to GIA in Carlsbad for grading.
