Cyber Crime

Top celebrities data at risk after REvil ransomware hits famous law firm

Currently, 756 GB of data pat risk is at risk due to the REvil ransomware attack which is also known as Sodinokibi.

Usually, we come across ransomware attacks targeting companies that fit the traditional corporate picture with huge amounts of data but nothing that would result in gossip. Except for a few times in the past when Instagram influencers had their data leaked online or when The Fappeneing took place.

However, just today, we’ve found out that a New York City law firm named Grubman Shire Meiselas & Sacks has been hit by the REvil ransomware placing 756 GB of data at risk.

Being a high-end media and entertainment law firm; naturally, the data belongs to high profile celebrities such as John Mellencamp, Elton John, David Letterman, Robert DeNiro, Christina Aguilera, Barbra Streisand, and Madonna.




Further, top media companies also happen to be its clients which include but are not limited to IMAX, Sony, HBO, Facebook & Vice Media.

Regardless, this does not necessitate that the data of all of them has been stolen. We only know right now that the celebrities that appear to have been affected include Bruce Springsteen, Lady Gaga, Jessica Simpson, Nicki Minaj, Priyanka Chopra, Mariah Carey, and Mary J.

The trove of data includes the following:

  • Contracts,
  • Telephone numbers,
  • Email addresses,
  • Personal correspondence,
  • Non-disclosure agreements.

All of these can be burdensome for the clients involved as they can be used for a whole range of malicious purposes. For example, telephone numbers and email addresses can be used not only for spamming but also to aid in social engineering attacks.

Personal correspondences would be of great usage in spear-phishing attacks as they give a deeper picture of how someone communicates and who they communicate with incentivizing the attackers to impersonate personnel.




Contracts and non-disclosure agreements, on the other hand, are meant to keep things confidential for competitive purposes and therefore their leak can not only hurt business relationships but also give competitors key information.

Currently, the attackers are demanding an unknown sum in Bitcoin from the law firm in exchange for keeping the data under wraps. To give a trial of what they hold, two letters that are believed to be signed by an agent of Madonna’s 2019 tour, and Christina Aguilera have also been published on the dark web.

One of the screenshots hackers released as a proof of hack

Grubman Shire Meiselas & Sacks itself has though not commented on these findings as of yet and so their strategy at the moment remains unclear.




Nonetheless, if there is one thing clear, it is that these malicious actors are serious. We know this from previous attacks of the ransomware on organizations such as Brooks International and National Association of Eating Disorders where the data was indeed published online due to the refusal of payment by these firms.

Hence, as the FBI suggests, it would be in the best interest of Grubman Shire to pay up seeing the massive opportunity cost at stake. Moreover, they should increase their security by implementing best practices like external audits to win back the trust of their customers and continue functioning with the same prestige.

To Top

Pin It on Pinterest

Share This