The law firm that handles some matters for both celebrities, among a whole list of other hugely popular people, has been hacked according to BBC. The law firm called Grubman Shire Meiselas & Sacks is based in New York and has a whole list of high-profile clients that include music artists, TV personalities, sports stars, and actors. The lawyers were hit by Sodinokibi, a powerful ransomware strain, also known as rEvil. The ransomware encrypts data and helps the hackers demand payment in return for a digital key that is supposed to unlock access to infected systems. This is not the first time this method is used against private entities; earlier this year, the same cyber-crime tool was used by hackers to take the scalp of the currency services company named Travelex.
The cyber-criminals behind the attack claim that they’ve managed to steal more than 750 gigabytes of data from the law firm. By implementing the sophisticated ransomware attack, they managed to encrypt the sensitive information and are demanding to be paid in cryptocurrency to unlock the files. Currently, it has not been disclosed what is the sum that they are demanding nor if there is a deadline for the law firm to take action before all the files become publicly available.
In a statement given to Variety magazine, the law firm confirmed that they’d been victimized by a cyberattack. According to the same statement, the entertainment lawyers have already notified their clients and have hired cyber experts to help them address the issue. The company’s website only shows the law firm’s logo as the company’s files remain locked while cybersecurity experts are investigating the incident and are trying to decrypt the locked data.
According to the cybercriminals, the compromised information includes personal information such as phone numbers, email addresses and personal correspondence. Copies of contracts and non-disclosure agreements are included in the stolen information too. Even the richest and famous find it hard to maintain privacy as hiring a top law firm yet does not guarantee them that personal information won’t surface overnight stolen by hackers. The fact that so much information has been taken means that the backdoor has been open for quite some time, which brings more questions about the importance of cybersecurity on both personal and company level.