The New York-based firm said that it had informed its roster of A-list clients of the breach. Their statement partially reads: Reports of this hack erupted last week after one hacker group alleged that it had breached the Grubman Shire Meiselas & Sacks network. Based on their allegations, the hackers said that they stole a staggering 756 gigabytes of documents. They targeted many music and entertainment figures. Those affected by this cyber attack include Jessica Simpson, Priyanka Chopra, Idina Menzel, Lady Gaga, Madonna, Nicki Minaj, Mariah Carey, Cam Newton, Bette Midler, Bruce Springsteen, Mary J. Blige, Run DMC, Christina Aguilera, and Ella Mai.
The Hack
The stolen data reportedly includes phone numbers, contracts, email addresses, nondisclosure agreements, and private correspondence. The group posted these claims on a dark web forum, according to Emsisoft cybersecurity firm. The hackers did not release all of the data that they claim to have stolen. To confirm that the hack was real, they published an excerpt from Madonna’s 2019-20 “Madame X” tour with the Live Nation contract. This breach proves to be a ransomware attack where the cybercriminals use the threat of releasing the stolen data as leverage to extort money from their victims. It is still unknown what the hackers want in connection to the Grubman Shire Meiselas & Sacks data theft. Grubman law firm serves various clients, including TV personalities, music artists, sports stars, and actors. Also, it serves media and entertainment companies. The attack is believed to have been carried out by the “REvil” group. The group is also known as “Sodinokibi,” according to Emsisoft. This group has previously targeted organizations and companies, including the U.K.-based currency-exchange company, Travelex. In that incident; Travelex paid $2.3 million in bitcoin to the hackers after a ransomware attack, according to a Wall Street Journal report.