Legal secrets of celebrities at risk after hackers steal data from law firm


A top law firm has notified A-list clients including Lady Gaga, Lizzo and Madonna of a major data breach after a group of hackers posted purportedly stolen documents naming them.

The notorious hacker group ‘REvil’, allegedly from Eastern Europe, are said to have demanded a $21million ransom after stealing private emails, contracts and personal details.

‘We can confirm that we’ve been victimized by a cyberattack,’ New York-based entertainment law firm Grubman Shire Meiselas & Sacks said in a statement to Variety on Tuesday.

‘We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.’

The incident is evidently a ransomware attack, in which cybercriminals use the threat of releasing the stolen data as leverage to extort payment.

According to a source, one of the firm’s founders, Allen Grubman, has ‘sensitive details on everything – work contracts, confidential settlements and endorsement deals for the biggest stars in New York and Hollywood.’

The group posted a contract signed by singer Christina Aguilera and another artist she worked with in 2013.

Another document related to the rapper Lizzo reportedly emerged too.

A release from REvil shows a list of files with the names of celebrities, including Bruce Springsteen, Barbara Streisand, Bette Midler and Mariah Carey.

The hackers also claim to have obtained files pertaining to other past and present clients including singers Nicki Minaj, Mary J. Blige, Jessica Simpson and Ella Mai; NFL player Cam Newton; actresses Priyanka Chopra and Idina Menzel; and rap group Run DMC.

HBO show Last Week Tonight With John Oliver was reported to be a target.

Sources told Page Six that the FBI is investigating. One told the outlet, ‘The hackers got into the system while everyone was focused on the coronavirus.

‘We assume, but there is no confirmation, that the hackers are Eastern European. They are demanding a $21 million ransom, and the firm is not negotiating with them.’

In the past REvil has published stolen documents after companies didn’t pay up.

Emsisoft threat analyst Brett Callow told Variety it ‘is simply a warning shot’.

Grubman’s firm said HBO, Zoom and the Texas court system have been understanding as they have been victims of similar attacks: ‘Their clients have expressed overwhelming support as they understand the firm is the latest high-profile victim of this global extortion scheme.’

Travelex is the world’s largest retail currency dealer and provides travel money services for a host of partners.

Law firms are often viewed by hackers as tempting targets, with troves of sensitive documents pertaining to dozens or hundreds of clients.

REvil, also known as Sodinokibi, was also responsible for a ransomware attack against currency service Travelex in January.

The group demanded a ransom of $6million in return for not deleting sensitive customer information.

It took four weeks before the company’s money transfer service and wire offering was fully up and running again, after Travelex reportedly agreed to pay a $2.3million ransom in bitcoin.


Leave a Reply

Your email address will not be published. Required fields are marked *