A ransomware gang is threatening to release legal secrets of the world’s biggest music and movie stars Lady Gaga, Elton John, Robert DeNiro, and Madonna, who are at risk of exposure after a ransomware attack on a high profile New York entertainment law firm.
It has been reported that Grubman Shire Meiselas & Sacks, who have been hit by the REvil ransomware, also known as Sodinokibi, with the attackers threatening to release up to 756GB of stolen data in nine staged releases.
However, the stolen data includes confidential contracts, telephone numbers, e-mail addresses, personal correspondence, non-disclosure agreements, and more.
The ransom amount demanded is not available, as it is invariably paid in Bitcoin.
It has been analyzed that the gang’s darknet site has been published screenshots of legal contracts for Madonna, Christina Aguilera, and of the company’s computer folder system.
Likewise, Brett Callow, the CEO of Emsisoft, said that the breach could have serious privacy ramifications as law firms hold highly sensitive information about their clients.
“It’s not only bad news for the firm; it also puts the clients whose data has been exposed at risk of blackmail, spear phishing, identity theft and other types of fraud. In this instance, REvil claim to have exfiltrated a total of 756GB of data.”
Also, Callow described the screenshots leaked by the hackers as “the equivalent of a kidnapper sending a pinky finger”.
As per the report, the firm represents a ‘Who’s Who’ of Hollywood and the music industry, which include:
- Barbara Streisand
- Bette Midler
- Maroon 5
- Robert De Niro
- Elton John
- John Mellencamp
- Rod Stewart
- Ricky Martin
- Shania Twain
- The Weeknd
- Lil Wayne
- David Letterman
Similarly, it also represents companies as well as athletes, which include:
- Vice Media
- LeBron James
- Carmelo Anthony
- Sloane Stephens
- Colin Kaepernick
Thus, Callow said:
“The data published so far would seem to simply be a warning shot. Should the firm not pay, whatever data the criminals the criminals may have obtained will be published online, probably in instalments in order to gradually ramp up the pressure.”