Celebrities' personal data, including those of Priyanka Chopra and Lady Gaga, hacked
- 12 May 2020
Gulf Today Report
A large media and entertainment law firm in the US representing top-notch celebrities like Priyanka Chopra, Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen and more has experienced a major data breach where hackers got access to personal data of these celebrities.
Cyber criminals are threatening to release celebrity emails after claiming to have hacked a law firm to the stars.
The trove of data stolen from the New York-based firm by hackers "a total of 756GB" includes contracts, nondisclosure agreements, phone numbers and email addresses, and "personal correspondence ".
The hackers said they would release confidential documents belonging to Grubman, Shire, Meiselas and Sacks, a top entertainment law firm based in New York, if they refused to pay an undisclosed sum.
A photo showing computer files with names of dozens of celebrities from Elton John, to Priyanka Chopra and Bruce Springsteen, were posted on the dark web along with two letters signed by Madonna’s tour agent and Christina Aguilera. Nicki Minaj, Facebook and Idina Menzel were also named on the files.
The law firm Grubman Shire Meiselas & Sacks, or gsmlaw.com for short, experienced a ransomware attack that apparently involved the appropriately named REvil malware.
Other celebrities whose sensitive personal data has been hacked are Christina Aguilera, Mariah Carey, Jessica Simpson, Naomi Campbell, Robert De Niro, Sofia Vergara, Spike Lee, the Osbournes (Ozzy, Sharon and Kelly), and several more.
Representatives for the law firm did not issue a comment and their website gsmlaw.com was effectively offline, displaying only its logo.
In addition, top companies on the firm's client list include Discovery, EMI Music Group, Facebook, HBO, Imax, MTV, NBA Entertainment, Playboy Enterprises, Samsung Electronics, Sony Corp. Spotify, Tribeca Film Festival, Universal Music Group and Vice Media Group, among others.
According to global cybersecurity firm Sophos, rather than simply knocking the law firm out of action temporarily, the ransomware crooks have stolen personal data from a laundry list of celebrity clients.
In such ransomware attacks, said Sophos, cybercriminals use the threat of releasing the stolen data as leverage to extort payment.
REVil, also known as Sodin or Sodinokibi, isn't just operating on the old-school ransomware model of "scramble your files and offer to sell you back the decryption key".
The latest trend in ransomware attacks is to use a double-barrelled weapon that gives victims two reasons to pay up.
According to Sophos, the original criminal plot behind ransomware was that if you didn't have reliable backups that you could restore quickly, then you might have little choice but to pay up to decrypt all your scrambled files and get your business moving again.
READ MORE
Tom Cruise looks forward to getting back to shoot
Actress Nora Fatehi is elated to be the worlds most followed Moroccan artiste
Actress-singer Jennifer Lopez says motherhood is her greatest joy and her biggest challenge
In recent months, however, the cybercriminals have doubled down on their leverage.
Before scrambling all your files as a way of grabbing your attention, the crooks quietly upload huge troves of so-called acetrophy data" that they use to blackmail anyone who is hesitant to pay up."
In other words, the financial extortion is no longer just a "kidnap ransom" to get your files back, but also a blackmail demand to stop the crooks leaking your data – or, worse still, your customers' data – to the world.
"Indeed, the REvil crew has already followed through on its threats to embarrass victims who don't pay," Sophos said in a statement on Tuesday.
