Madonna, Lady Gaga and Nicki Minaj among celebs hit by cyber attack as hackers steal 756 GB of private data
A law firm that represents musical icons such as Madonna, Lady Gaga, Nicki Minaj, and Bruce Springsteen has confirmed to their clients a recent report that the company's internal data systems were hacked, which could lead to the exposure of sensitive data.
A rep from the media and entertainment law firm in New York, named Grubman Shire Meiselas & Sacks, said, “We can confirm that we’ve been victimized by a cyberattack,” according to Rolling Stone. “We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters," they added.
A hacker group known as REvil or Sodinokibi claimed it stole 756 gigabytes of sensitive material from the network of the law firm which includes phone numbers, email addresses, personal correspondence, contracts and nondisclosure agreements, as reported by Variety on May 9. According to cybersecurity software and consulting company named Emsisoft, the hackers revealed evidence of the theft on a dark web forum that enables users to hide their identities through encryption. One such document was an excerpt from a contract for Madonna's 2019-2020 'Madame X' tour.
The group also alleged that clients hit by the hack included Madonna, Nicki Minaj, Lady Gaga, Bruce Springsteen, Mariah Carey, Christina Aguilera, Mary J Blige, Bette Midler, Idina Menzel, Run DMC, Cam Newton, Jessica Simpson, Priyanka Chopra and Ella Mai.
Brett Callow, the threat analyst for Emsisoft, said that the released data so far equates to a "warning shot", or “the equivalent of a kidnapper sending a pinky finger." He also said that the implied threat is that the hacker group will publish more stolen data, potentially in installments, if the law firm doesn't pay a ransom. As of now, reports are unclear as to the specific amount the group is requesting. Callow spoke of the amount that US organizations have already paid in ransom demands last year. “Globally, the annual cost is almost $170 billion,” he said.
As of late (since Saturday morning), the Grubman Shire Meiselas & Sacks website only displays the company logo.