Hackers threaten to auction Mariah Carey, Lebron James, Nicki Minaj’s legal documents unless paid $42M ransom
REvil hackers claimed to have stolen 756 gigabytes of data when they breached the entertainment law firm Grubman Shire Meiselas and Sacks' network
In May, a group of hackers that goes by the name REvil executed a data hack into entertainment law firm Grubman Shire Meiselas and Sacks. REvil hackers claimed to have stolen 756 gigabytes of data when they breached the firm’s network and initially threatened to release personal details of some of the law firm’s biggest clients, like Elton John, Lady Gaga, Barbra Streisand, Lizzo, and Madonna, unless the group was paid a ransom of $21 million via bitcoin.
Following that, the hackers claimed that within the stolen data, they had discovered confidential information about U.S. President Donald Trump, and subsequently upped the ransom amount to $42 million.
The data hack’s latest twist arrived on Wednesday, June 24, when the group reportedly threatened to auction off a vast amount of sensitive documents. According to a report in Variety, the group laid out a schedule that would begin on July 1 and mentioned that sensitive documents regarding Mariah Carey, Nicki Minaj, and Lebron James would be released. REvil further said that on July 3, documents pertaining to Bad Boy Records, MTV, and Universal would be auctioned. And finally on July 5, the same would be done for an unspecified party.
According to reports, REvil's public auction for the documents pertaining to Minaj, Carey, and James would begin at $600,000. For the load of documents owned by Universal and MTV, bids would begin at $1 million. For the data related to Bad Boy Entertainment Holdings, the starting price was mentioned to be $750,000. No details have yet been mentioned for the July 5 auction.
According to reports, the hackers’ note says, “We have so many value files, and the lucky ones who buy these data will be satisfied for a very long time. Show business is not concerts and love of fans only -- also it is big money and social manipulation, mud lurking behind the scenes and sexual scandals, drugs, and treachery.”
The group further said, “Each lot includes full information downloaded from the office, namely -- contracts, agreements, NDA, confidential information, court conflicts [and] internal correspondence with the firm.”
According to Music Business Worldwide, REvil’s post included a disclaimer that they would not be "responsible for the [buyer’s] actions". They, however, guaranteed that the data would be deleted from their servers once sold. The auctions will reportedly run for three months.
The message ends with a note the law firm’s founder Allen Grubman: “Mr. Grubman, you have a chance to stop that, and you know what to do.” It is presumed that this is in reference to the aforementioned $42 million ransom.
A spokesperson for Grubman Shire Meiselas and Sacks said in a statement: “The most recent post is yet another desperate nuisance tactic these criminals are using to try to squeeze out a profit from stolen data. Our clients and the entertainment industry as a whole have overwhelmingly applauded the firm’s position that we will not give into extortion.”
REvil, sometimes also known as Sodinokibi, had previously targeted companies and organizations like Travelex, a U.K.-based currency-exchange company. Travelex paid the hackers $2.3 million in bitcoin after a ransomware attack.