Hacked Law Firm Informs Celeb Clients Including Lady Gaga And Madonna Of Data Breach – Experts Insight

337 0
As reported by Variety, major media and entertainment law firm Grubman Shire Meiselas & Sacks said that after its internal data systems were hacked — and a vast trove of information on its clients was stolen — it has informed its roster of A-list clients of the breach. “We can confirm that we’ve been victimized by a cyberattack,” the New York-based firm said in a statement to Variety. “We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.”

News of the hack surfaced last week, after a hacker group claimed it infiltrated the Grubman Shire Meiselas & Sacks network and stole a whopping 756 gigabytes of documents on multiple music and entertainment figures. Those include clients past and present, among them: Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera, Mariah Carey, Cam Newton, Bette Midler, Jessica Simpson, Priyanka Chopra, Idina Menzel and Run DMC, the hackers claimed.

EXPERTS COMMENTS
Hugo Van den Toorn, Manager, Offensive Security ,  Outpost24
May 13, 2020
The REvil (also known as Sodinokibi) ransomware was first identified on April 17, 2019.
Paying ransom does not guarantee that the attackers will not do anything with the data. As a matter of fact, the worst has already happened; the company’s reputation has been impacted. Paying and dealing with the threat actors might therefore be the absolute last resort. Depending on the scale: Investigating the matter, informing customers in full and making sure it does not ever happen again so ....
[Read More >>]
Jonathan Knudsen, Senior Security Strategist ,  Synopsys
May 13, 2020
It is impossible to evaluate the security posture of every business where you have sensitive information.
Ransomware is effective and devastating because it allows hackers to sell information back to the people who value it most—the victims. As with other ransom situations, it is also impossible to know if paying the ransom will make your problem go away. Even if you regain access to your own information, your attacker might still have a copy of the information and be able to resell it to other inte ....
[Read More >>]
Tim Erlin, VP of Product Management and Strategy ,  Tripwire
May 13, 2020
Ransomware makes headlines, in part, because it’s always detected.
The overwhelming tendency is to focus on the ransomware itself in these types of cases, but ransomware doesn’t magically appear on a system. Organizations that are concerned about ransomware should assess how well they’ve deployed basic controls like vulnerability management, secure configurations and email protections. The first line of defense against ransomware is to prevent it from getting ....
[Read More >>]
Sam Curry, Chief Security Officer,  Cybereason
May 13, 2020
This breach appears to be a surgical strike against Grubman, knowing they represent many of the biggest celebrities in the world.
Human beings are the single biggest asset cyber criminals have in extorting money, and specifically in the case of the breach of the Grubman law firm. This breach appears to be a surgical strike against Grubman, knowing they represent many of the biggest celebrities in the world. The million dollar question is how much personal information the hackers have obtained and how real are their threats? ....
[Read More >>]
Francis Gaffney, Director of Threat Intelligence,  Mimecast
May 13, 2020
This is particularly relevant in this case, with the data belonging to such high-profile individuals.
Attacks like this one are becoming more common and really highlight the need for organisations to take data protection seriously. It is clear that businesses are still struggling with large-scale data breaches and this is particularly worrying for those in the legal sector, as they often deal with very sensitive information. When somebody trusts you with such important information, it is vital tha ....
[Read More >>]
Ilia Kolochenko, Founder and CEO,  ImmuniWeb
May 13, 2020
Partners and clients exacerbate this convoluted landscape by uploading confidential documents.
Law firms are increasingly becoming desirable targets of sophisticated cyber gangs. It is often much easier and faster to breach a mid-sized law firm to get ultra-confidential data compared to targeting its large clients directly, such as banks or celebrities as reportedly happened in this case. In a highly competitive and now digitally-disrupted legal services market, few law firms are prioritis ....
[Read More >>]
Jake Moore, Cybersecurity Specialist,  ESET
May 13, 2020
This will be a difficult decision to make, but I always advise companies not to pay the demands.
All companies are at risk of daily attacks, but some attract further attention due to the kudos or media value they may possess. Celebrity hacks have always gained global attention and can therefore cause more damage, and this in turn loads those companies with extra pressures to pay out. This excerpt of data already released acts as a warning shot to the firm and shows that the attackers mean b ....
[Read More >>]

