The hackers who stole files from entertainment and media law firm Grubman Shire Meiselas & Sacks say that they have sold all their “dirty laundry” on U.S. President Donald Trump to a secret buyer, and up next is Madonna.
Hacking group REvil claimed to have stolen 756 gigabytes of documents from the law firm last week, including information on many entertainment figures and musicians, which puts a large number of A-list celebrities at risk.
Now, they’re demanding at least US$1 million for details on Madonna.
The hackers were previously demanding $21 million or they threatened to make public “personal details” of multiple clients represented by Grubman Shire Meiselas & Sacks, including Elton John, Lady Gaga and Barbra Streisand.
The hacker group doubled its ransom to $42 million after the firm refused to pay last week.
Grubman Shire Meiselas & Sacks said the FBI considered the hack “an act of terrorism.”
Brett Callow, threat analyst at Emsisoft, told Global News that the hacker group is preparing to auction the Madonna data at the starting price of $1 million.
“Interested people contacted us and agreed to buy all the data about the U.S. president, which we have accumulated over the entire time of our activity. We are pleased with the deal and keep our word,” the group wrote.
“We are preparing to auction Madonna data. The rules are the same:
- One-handed information
- Confidentiality of the transaction
- We delete our copy of the data
- The buyer has the right to do whatever he sees fit with the data received
“Starting price — 1 million dollars.”
Last week, Grubman Shire Meiselas & Sacks said that its internal data systems were hacked and information on its clients was stolen.
“We can confirm that we’ve been victimized by a cyberattack,” the New York-based law firm said in a statement. “We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.”
The documents included contracts, personal emails, nondisclosure agreements, phone numbers and private correspondence related to clients, who include celebrities like Madonna, Lady Gaga, Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera, Drake, Mariah Carey, LeBron James, Priyanka Chopra, Idina Menzel and The Weeknd, the hackers claimed.
According to cybersecurity firm Emsisoft, the hacker group released an excerpt from a contract for Madonna’s 2019-20 Madame X tour with Live Nation to prove the hack was real.
The group also posted a confidentiality agreement that belongs to Lizzo and revealed one of Aguilera’s documents in regards to masters of her music.
“In these cases, it’s also possible that the criminals will attempt to extort money directly from the people whose information was exposed. For example, after a plastic surgeon’s data was stolen, his patients were contacted and threatened with the release of their before-and-after photos unless they paid,” Callow told Global News.
“Unfortunately, companies in this situation have no good options available to them,” Callow added. “Even if they pay the ransom demand, there is no guarantee that the criminals will destroy the stolen data, especially if it has a high market value. The data may still be sold or traded. In fact, one group actually invites interested parties to bid on the data it has stolen.”
The group previously attacked foreign exchange company Travelex with ransomware in January.
Madonna has not addressed the threat from REvil as of this writing.