BreachExchange mailing list archives
Papa don't breach: Contracts, personal info on Madonna, Lady Gaga, Elton John, others swiped in celeb law firm 'hack'
From: Destry Winant <destry () riskbasedsecurity com>
Date: Tue, 12 May 2020 09:11:45 -0500
https://www.theregister.co.uk/2020/05/12/papa_dont_breach/ Hackers are threatening to release 756GB of A-list celebs' contracts, recording deals, and other personal info allegedly stolen from a New York law firm. The miscreants have seemingly got their hands on confidential agreements, private correspondence, contact details, and other information belonging to superstars, including Madonna, Christina Aguilera, Sir Elton John, Run DMC, Bruce Springsteen, Barbra Streisand, and Lady Gaga, and their representatives. The data was swiped by the REvil, aka Sodinokibi, malware-slinging gang best known for taking down Travelex, infosec biz Emsisoft's Brett Callow told The Register. A Tor-hidden website belonging to REvil, which lists dozens of organizations compromised by the crew, includes screenshots of folders, a non-disclosure agreement, Madonna's 2019-2020 tour arrangements, and Aguilera's music rights as proof of its cyber-heist. The gang claims to have hacked entertainment law firm Grubman Shire Meiselas & Sacks, based in the Big Apple, and siphoned its documents. Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay The law firm could not be reached for comment. We assume they were otherwise occupied. Their website right now just shows its logo whereas as recently as May 8, it listed its clients and staff. "The documents purportedly include information about multiple music and entertainment figures, including: Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera, Mariah Carey, Cam Newton, Bette Midler, Jessica Simpson, Priyanka Chopra, Idina Menzel, HBO’s 'Last Week Tonight With John Oliver,' and Run DMC. Facebook also is on the hackers’ hit list," reported showbiz industry mag Variety, which was also tipped off by Emsisoft. The law firm also represents big name personalities in TV, film, and sport, and media and online giants, from Kate Upton and Robert De Niro to Sony, Spotify, Vice, and EMI. It is assumed the swiped data was partially leaked to encourage the lawyers to cough up a ransom demand – or the rest of the information would spill onto the dark web. ® _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Papa don't breach: Contracts, personal info on Madonna, Lady Gaga, Elton John, others swiped in celeb law firm 'hack' Destry Winant (May 12)