A major entertainment and media law firm experienced a massive data breach that may have compromised the data of many celebrities including Bruce Springsteen, Lady Gaga, Madonna, Nicki Minaj, Christina Aguilera, and others.
Grubman Shire Meiselas & Sacks, a New York-based law firm, was hit by a ransomware attack that compromised at least 756 gigabytes of client data, including contracts, non-disclosure agreements, contact information and personal correspondence. The hackers appear to have used REvil, or Sodinkobi, a ransomware strain behind several high-profile cyberattacks on targets including Kenneth Cole, Travelex, and Brooks International.
Whoever is behind the hack has threatened to publish the stolen data in nine installments unless the law firm pays an undisclosed ransom. They have since released documents belonging to Madonna and Christina Aguilera on the dark web to prove they have the goods and are willing to make them public.
Grubman Shire Meiselas & Sacks has yet to issue a statement on the breach. As of May 12, their website is still currently offline.