No one is safe from cybersecurity incidents, not even celebrities. According to a recently revealed report, Grubman Shire Meiselas & Sacks, a legal media and entertainment firm, was the victim of a cyberattack that led to the theft of a large amount of confidential information about dozens of celebrities.
Information extracted by hackers could include confidential documents such as contracts, confidentiality agreements, phone numbers, email addresses, and even personal correspondence.
According to a screenshot obtained by cybersecurity firm Emsisoft, the leak includes documents related to public figures such as Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera, Mariah Carey, Cam Newton, Bette Midler, Jessica Simpson, Priyanka Chopra, and Idina Menzel, in addition to the social network Facebook, although it is not known exactly which documents were exposed.
One of the documents exposed by the hacker group is an excerpt from a contract for Madonna’s 2019 “Madame X” tour with Live Nation.
The company has not officially commented on this; in addition, its website is already offline and makes no mention of the incident. According to Emsisoft, this leak is part of a ransomware attack, in which hackers employ a variant of malware to block access to a company's information in order to demand payment of a ransom. Usually, these attacks are limited to encrypting compromised information, although some ransomware operator groups also exfiltrate confidential information from victims to exert pressure and get the ransom paid.
The ransom amount demanded by the hacker group responsible for the attack is still unknown, although cybersecurity experts speculate that the criminals could threaten to sell this information or post it on hacking forums if the legal firm refuses to pay.
The cybersecurity firm also mentions that the information presented so far is just a warning, as hackers still have a lot of confidential details about the legal firm and its clients.
Regarding those responsible for the attack, Emsisoft attributes it to the group identified as "REvil", also known as "Sodinokibi", which has previously been linked to incidents at companies such as Travelex and Brooks International, among other firms. The attack suffered by the foreign exchange company was especially serious: it had to pay a ransom of almost $2.5 million in Bitcoin, in addition to an expensive recovery process.