Major media and entertainment law firm Grubman Shire Meiselas & Sacks said that after its internal data systems were hacked, a vast trove of information on its clients was stolen. The files stolen were apparently pertaining to their roster of A-list clients, including Lady Gaga, Madonna, Elton John, Barbara Streisand, Bruce Springsteen, and Nicki Minaj amongst others.
“We can confirm that we’ve been victimized by a cyberattack,” the New York-based firm said in a statement to Variety. “We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.”
The data heist was conducted by hacker group REvil, which also operates under the alias Sodinokibi. First news of the security breach surfaced last weekend on dark web forums, when the group uploaded an excerpt of a contract for Madonna’s 2019-20 Madame X tour with Live Nation as proof.
A cyber analyst who requested anonymity provided SC Media with content posted on the Sodinokibi/REvil ransomware group’s website that claims the attackers stole a whopping 756 GB of data from the New York-based firm.
In addition to contracts, leaked data reportedly also includes nondisclosure agreements, phone numbers, email addresses and personal correspondence.
“Personal information is valuable by itself, but personal information about celebrities is even more valuable,” said Jonathan Knudsen, senior security strategist at Synopsys. “The attackers in this case have, unfortunately, perpetrated a crime with deep impact.”
Typically, ransomware attackers will continue to release stolen files in piecemeal fashion until the victim pays up in order to restore their encrypted files and prevent any additional damaging leaks.
“Law firms are increasingly becoming desirable targets of sophisticated cyber gangs,” said Ilia Kolochenko, founder and CEO of ImmuniWeb. “It is often much easier and faster to breach a mid-sized law firm to get ultra-confidential data compared to targeting its large clients directly, such as banks or celebrities as reportedly happened in this case.”
Kolochenko said few law firms are prioritizing investment in holistic cyber resilience and defense, understanding their attack surface or conducting sufficient employee training. “Furthermore, a considerable number of law firms have no incident detection and response capacities, often leaving them unable to detect an intrusion in a timely manner. Worse, modern law firms have to deal with diversified digital flow of sensitive and privileged data on their mobile phone, laptops and office computers. Partners and clients exacerbate this convoluted landscape by uploading confidential documents to public cloud or file sharing websites.”
We wish the best to the clients who are getting the wrath of the cyber thieves. Well keep you posted on any further details.