Updated: Jul 5
Data breach! New York based entertainment celebrity law firm Grubman Shire Meiselas & Sacks
Hackers are demanding a ransom of $42 million (about Rs. 317 crores) from New York-based celebrity and entertainment law firm Grubman Shire Meiselas & Sacks, with a week-long deadline and looming threat of its clients' personal details published online publicly. The hacking group Revil which is behind the attack according to cybersecurity firm Emsisoft, alleges to have information on the likes of Priyanka Chopra Jonas, Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen, Jessica Simpson, Idina Menzel, Christina Aguilera, Mariah Carey, Mary J. Blige, Ella Mai, Cam Newton, Bette Midler, Run DMC, and Facebook.
It alleges to have personal details of Priyanka Chopra Jonas, Lady Gaga, Madonna, and a ton of dirty laundry on Donald Trump.
On May 8, the hackers posted evidence of the stolen data, a screenshot of Madonna's contract for the 2019-20 “Madame X” tour - on the dark web, per Emsisoft. Said data is allegedly 756GB in size, and includes phone numbers, email addresses & personal correspondence and many more. On May 11, Grubman Shire Meiselas & Sacks confirmed that it had suffered a breach, notified its clients and staff, and was working on that. That was followed by the $21 million ransom demand on May 12.
But the law firm is refusing to negotiate with the hackers, as the FBI is currently investigating the case. Emsisoft had said that the hackers would publish the data in instalments if payment wasn't made, and that happened too.
On May 13, the hackers allegedly tried to share 1GB of files to cloud storage service Mega. But their account was terminated by Mega due to a breach of terms of service. According to Variety, in an online post, the hackers taunted the law firm for hiring ransomware remediation firm Cove ware, calling it “a mistake to hire a recovery company in the negotiations.”
And then on May 14, the hackers doubled the ransom demand to $42 million, and said they also have a ton of dirty laundry on US President Donald Trump, which they would publish in a week if payment not made. But Trump has never been a client of Grubman Shire Meiselas & Sacks, so the connection isn't clear.
If “Revil” / “Sodinokibi” is truly behind the attack on Grubman Shire Meiselas & Sacks, then the latter joins a list of targets including the UK-based currency exchange Travelex and Florida-based management consulting Brooks International among others. Travelex paid $2.3 million (about Rs. 17.35 crores) in bitcoin to hackers who had taken over its network, according to the Wall Street Journal in April.