A New York City law firm that serves some of the world’s biggest stage and film stars appears to have been the victim of a REvil ransomware attack.
Attackers threaten to expose nearly 1TB of private celebrity data unless Grubman Shire Meiselas & Bags pays a ransom in Bitcoin.
With a client list that reads like a celebrity, the entertainment and media law firm manages the private legal affairs of John Mellencamp, Elton John, David Letterman, Robert DeNiro, Christina Aguilera, Barbra Streisand and Madonna.
The companies Facebook, Activision, iHeartMedia, IMAX, Sony, HBO and Vice Media and sports stars LeBron James, Carmelo Anthony, Sloane Stephens and Colin Kaepernick are also clients of Grubman Shire Meiselas & Sacks.
Cyber thieves claim to have used the REvil ransomware (also known as Sodinokobi) to steal 756 GB of data which includes contracts, phone numbers, email addresses, personal correspondence and no agreements. -disclosure.
Attackers threaten to release the data in nine staggered versions unless they receive an undisclosed sum. Grubman Shire Meiselas & Sacks has yet to confirm or publicly comment on the alleged ransomware attack.
Commenting on the incident, EmsisoftBrett Callow said the impact of the attack could extend beyond the law firm to its famous and rich client list.
“This isn’t just bad news for the business; it also puts customers whose data has been exposed to the risk of blackmail, spear phishing, identity theft and other types of fraud.” , said Callow.
Celebrities reportedly affected by the incident are Bruce Springsteen, Lady Gaga, Jessica Simpson, Nicki Minaj, Priyanka Chopra, Mariah Carey and Mary J. Blige. Cybercriminals also claim to have exfiltrated data belonging to hip-hop legends Run-DMC and Outkast.
The attackers have so far posted two letters apparently signed by Madonna’s 2019 tour agent and Christina Aguilera on the dark web.
Previous victims of REvil ransomware attacks include 10x Genomics, Brooks International, Kenneth Cole, and the National Association of Eating Disorders. In each case, data stolen from victims was released online when the targeted company refused to pay. One victim, Travelex, paid $ 2.3 million to recover files stolen in an attack.