Hackers extort celebrity law firm with trove of stolen data on Madonna and other A-listers


The amount of confidential celeb data being ransomed.


Mondadori Portfolio/Mondadori Portfolio/Getty Images

Law firm Grubman Shire Meiselas & Sacks suffered a massive data breach on Saturday, according to Variety. The firm verified the ransomware attack on Monday in statements to Variety and Rolling Stone. The hackers are a group known as “REvil” or “Sodinokibi” most recently attacked Travelex in January with a $2.3 million payday. They are currently holding 756 GB of confidential data ransom and have leaked some documents to provide proof of the hack.

What do the hackers have? — Grubman Shire Meiselas & Sacks represents a wide array of entertainment professionals and companies whose phone numbers, email addresses, personal correspondence, contracts, and nondisclosure agreements are currently at risk. Of the documents released on the dark web, the most prominent is a snippet from Madonna’s recent “Madame X” tour contract.

Historic client records suggest the firm has more than 200 high-profile entertainment clients spanning music, sports, modeling, and even tech. Clients include Mariah Carey, Nicki Minaj, Lady Gaga, Bruce Springsteen, Robert De Niro, Naomi Campbell, LeBron James, Samsung, Activision Blizzard, Spotify, and Facebook. All clients were reportedly notified of the breach, but there’s no word on whether the firm will acquiesce to the hackers’ demands.

This is also the second time in the last six months hackers have targeted Mariah Carey. It seems like cybercriminals are “Obsessed” with the diva.