Recently, a group of cyber criminals threatened to publish confidential legal documents stolen from an international law firm, containing fairly sensitive information about its clients, which is partly made up of the world's top celebrities.
This article will also interest you: When the disclosure of security vulnerabilities remains a thorny issue
The data leak occurred last week after a computer attack. The victim law firm is none other than Grubman Shire Meiselas-Sacks, reputed to have several of the celebrities as clients, describing itself on its website as "universally recognized as one of the best entertainment and media law firms in the country." The latter has indeed confirmed that it has been hacked and acknowledges a security flaw in its system.
The people targeted after the computer attack are clients of the A-list law firm, including Nicki Minaj, Mariah Carey, Drake, Robert De Niro, Madonna… According to cybercriminals, they hold several data about these stars and legal cases involving them. After entering the computer system of the law firm, a legal document, in this case the touring contract of the American singer Madonna was allegedly disclosed. Hackers rely on this to put pressure on the law firm and some of these stars to force them to pay a ransom. For his part, Grubman Shire Meiselas -Sacks said in a statement: "We can confirm that we have been the victims of a cyber attack. We have notified our customers and our staff. We have hired global experts who specialize in this area, and we are working tirelessly to solve these issues. ».
The group of cybermalists behind this attack call themselves Sodinokibi/REvil, known in the industry as a current ransom program user. Which makes the ransom demand and something common in the modus operandi. It was this group that apparently attacked Travelex, the British exchange company earlier this year. An attack that had caused real inconvenience forcing employees to use pen and paper to continue the work. According to the hackers, he is in possession of 756 GB of digital data from the firm, consisting mainly of legal documents all of a confidential nature. If the ransom demanded by the firm is not paid, they will not hesitate to disclose it on the internet. While waiting to carry out his threat, Sodinokibi / REvil maintains a website where they continue to list the various victims of the cyberattack, who allegedly refused to pay the ransom demanded and expose their documents as punishment. Stars such as Bruce Springsteen, Bette Midler, Lady Gaga and Outkast are also among the firm clients claimed by hackers to possess legal documents.
Of course, victims were discouraged from paying the ransom demanded. Indeed, this form of crime is widespread. Paying the ransom means exposing a new one to this kind of cyber-prisoners. And of course it is likely to encourage computer attacks, which will continue blow after blow. It is for this reason that they generally target companies that hold a large number of confidential files. "Ransomware attacks have become data breaches. This is insidious development and bad news for companies – especially those that, like law firms, hold sensitive data. said Brett Callow, a security researcher at Emsisoft."This is also bad news for the customers and business partners of these companies, as their data is generally exposed in these incidents, putting them at risk of identity theft, identity theft and other forms of fraud. He adds. The security researcher at Emsisoft describes a fact that unfortunately is common and may still be the case here: "In addition, it is also possible that people whose information is revealed are contacted directly by the threat actors and subjected to extortion attempts. For example, after a plastic surgeon's data was stolen, his patients were threatened with disclosing their before and after photos. ».
Now access an unlimited number of passwords: