The website of the celeb law firm, Grubman Shire Meiselas & Sacks has been currently down and allegedly around 756 gigabytes of data was stolen from the company’s files. Email addresses, phone numbers and private correspondence are among the stolen data. The firm, run by star lawyer Allen Grubman, works with some of the world’s best-known celebrities and some of the biggest names in the entertainment industry like Robert De Niro, Madonna, Lady Gaga, Priyanka Chopra and Bruce Springsteen was targeted by hackers. News about the phishing attack emerged last week when a group called REvil or Sodinokibi, admitted having stolen the firm’s documents, releasing the screenshot of a contract-excerpt of Madonna’s “Madame X” 2019-20 tour with Live Nation.
The New York-based legal firm confirmed having been victimised by a cyber-attack and they notified their clients and staff, besides hiring experts who specialised in this area, and were working round the clock to address concerned issues. The stolen data includes private correspondence, email addresses, clients’ contracts, phone numbers and non-disclosure agreements according to Emsisoft, the cyber security company. A law firm spokesperson reported that the hackers demanded a $42 million ransom; else they would release more documents of the firm. The firm is working with the FBI and would not pay the ransom. The leaking of confidential client documents is an illegal attack by foreign cyber-terrorists who extort from high-profile entertainers, politicians, US companies, government entities, and others. FBI Experts confirmed that paying ransom to terrorists or even negotiating with them, is in violation of federal criminal law. Even after enormous ransoms are paid, criminals leak the documents.
A ransom, perhaps
The hackers may ask for a hefty ransom to be paid to stop future leaks of confidential information. This particular law firm has over 200 high profile clients, including music stars Barbra Streisand, Mariah Carey, Sir Rod Stewart, Sir Elton John, Lil Nas X, Drake, U2, and Lady Gaga. Boxer Mike Tyson, actors Tom Cruise, Dwayne Johnson and reality stars the Kardashian family also use the lawyers’ services and their files are now available on the dark web. Big corporates like Sony, IMAX, Facebook, and HBO, have also used the law firm.
The hackers though to be behind this latest cyber theft were behind an attack on Travelex, a UK foreign exchange firm in early 2020, which paid around £1.87 million to get its files back. Brett Callow, Emsisoft’s threat analyst, said that non-payment of this demand could result in the information being published and payment will simply secure a promise from the criminals that stolen data would be deleted. Such incidents were becoming commonplace and increasingly a cause for concern as hacking law firms led to leakage of sensitive data they held
Trump Not a Client
The high-profile NYC law firm which was targeted by hackers confirmed never working with President Donald Trump after the cyber-criminals warned to release damaging information about the President and demanded $42 million to keep mum. The firm confirmed it had been hacked and that Trump was never their client. There is no evidence the hackers actually had damaging information about the President. Companies and local governments across the US and around the world were the target of ransom-ware attacks. Hackers access a victim’s system, encrypt the victim’s files and give victims access to their own files, when a hefty ransom is paid.