Entertainment and media law firm Grubman Shire Meiselas & Sacks said that its internal data systems were hacked and information on its clients was stolen, which puts a large number of A-list celebrities at risk.
“We can confirm that we’ve been victimized by a cyberattack,” the New York-based law firm said in a statement to Variety. “We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.”
The news come almost a week after a hacker group claimed to have stolen 756 gigabytes of documents from the law firm on many entertainment figures and musicians.
The documents included contracts, personal e-mails, nondisclosure agreements, phone numbers and private correspondence related to clients, which includes celebrities like Madonna, Lady Gaga, Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera, Drake, Mariah Carey, Lebron James, Priyanka Chopra, Idina Menzel and The Weeknd, the hackers claimed.
The hackers reportedly are said to be demanding $21 million or they are threatening to make public “personal details” of multiple clients represented by Gruban Shire Meiselas & Sacks, including Elton John, Lady Gaga and Barbra Streisand.
According to cybersecurity firm Emsisoft, the hacker group released an excerpt from a contract for Madonna’s 2019-20 “Madame X” tour with Live Nation to prove the hack was real.
The group also posted a confidentiality agreement that belongs to Lizzo and they revealed one of Aguilera’s documents in regards to masters of her music.
The hack was carried out by a group called “REvil,” also known as “Sodinokibi,” according to Emsisoft.
“In these cases, it’s also possible that the criminals will attempt to extort money directly from the people whose information was exposed. For example, after a plastic surgeon’s data was stolen, his patients were contacted and threatened with the release of their before-and-after photos unless they paid,” Brett Callow, threat analyst at Emsisoft told Global News.
“Unfortunately, companies in this situation have no good options available to them,” Callow added. “Even if they pay the ransom demand, there is no guarantee that the criminals will destroy the stolen data, especially if it has a high market value. The data may still be sold or traded. In fact, one group actually invites interested parties to bid on the data it has stolen.”
The group previously attacked foreign exchange company Travelex with ransomware in January.