A hacking group is demanding $42 million (£35m) from a leading New York entertainment law firm after compromising the company’s IT systems and stealing 756 gigabytes of data on A-list celebrities.
The group said it would release the sensitive data, including contracts and personal emails, unless the ransom was paid, and also threatened to release compromising information on US president Donald Trump.
The latter may be an empty threat, however, since Trump has never been a client of law firm Grubman Shire Meiselas & Sacks, celebrity news magazine Page Six reported.
GSMS’ list of clients includes well-known figures such as Lady Gaga, Madonna, Mariah Carey, U2, Bruce Springsteen, Priyanka Chopra and Bette Midler.
The law firm confirmed last week that it had been compromised, saying it had notified clients and staff and was “working around the clock” to address the situation.
The attack involved ransomware that locked the company’s digital files and erased all backups, while exfiltrating data held on the firm’s networks, according to security firm Emsisoft.
Hacking group REvil initially demanded $21m to refrain from publishing the data, but doubled the amount at the end of last week after saying GSMS had agreed to pay only $365,000.
It gave GSMS another week to pay, while releasing 2.4GB of data on recording artist Lady Gaga, including contracts for concerts, merchandising and television appearances.
“Grubman, we will destroy your company down to the ground if we don’t see the money,” REvil said in a statement published on a Dark Web site.
REvil, also known as “Sodinokibi”, has attacked other organisations including UK-based currency exchange firm Travelex, which paid $2.3m in Bitcoin after a ransomware attack, the Wall Street Journal reported.
GSMS said it was not negotiating with the hackers, stating that the FBI considered the attackers terrorists and that “negotiating with or paying ransom to terrorists is a violation of federal criminal law”.
The firm added that the criminals could always leak the documents even after receiving payment of a ransom.
“The leaking of our clients’ documents is a despicable and illegal attack by these foreign cyberterrorists,” GSMS said in a statement.
Emsisoft said the ransom demand was one of the largest it had heard of, surpassing the previous record $25m demand received by an unnamed company, which was not paid.
Earlier this year, hackers released data stolen from Visser Precision, a precision parts maker for military and aerospace companies including Lockheed Martin, Tesla, SpaceX and Boeing, after the company refused to pay a ransom.