OUCH! BBC News was one of the many major media sites who reported May 12 that a media and entertainment law firm used by A-list stars including Rod Stewart, Robert De Niro, Sir Elton John and Lady Gaga has been hacked.
The law firm said in a press statement: "We can confirm that we've been victimized by a cyber-attack. We have notified our clients and our staff. We have hired the world's experts who specialise in this area, and we are working around the clock to address these matters." They are working with cyber-security experts, but it's not known what sum the hackers are demanding.
The company's website is displaying just a logo but historic records of the site show a client list of more than 200 high profile people and companies. Musicians include Sir Elton John, Barbra Streisand, Barry Manilow, Rod Stewart, Lady Gaga, Lil Nas X, The Weeknd, Madonna, U2 and Drake.
Other clients named are Andrew Lloyd Webber, Priyanka Chopra, Robert De Niro, Sofia Vergara, Activision, Inc, Sony Corp, LeBron James and Mike Tyson. Criminal hacker gang known as REvil or Sodinokibi previously attacked foreign exchange company Travelex (link is WSJ) with ransomware in January.
Cyber-security company Emsisoft says the hackers have posted images online of a contract for Madonna's World Tour 2019-20 complete with signatures from an employee and concert company Live Nation.
Hackers have also uploaded an image they claim shows the stolen data directory with folders named under certain clients. Posting a sample of stolen data is often done as a way to prove a hack has happened and put pressure on a victim to pay a ransom.
"Companies in this position have no good options available to them," Brett Callow, threat analyst at Emsisoft said. "Non-payment of the demand will result in the information being published; payment will simply get them a pinky promise from criminals that the stolen data will be deleted. "These incidents are becoming increasingly commonplace and increasingly concerning. And incidents involving law firms are even more concerning due to the sensitivity of the data they hold."
The cybercriminals are threatening to release the data in nine installments, unless they are paid an undisclosed amount of money, said Callow. So far, they have reportedly published documents demonstrating the data that they compromised, including one allegedly signed by Madonna’s 2019 tour agent for her World Tour 2019-20.