Hacked Law Firm Informs Clients Like Lady Gaga and Bruce Springsteen of Data Breach

Major media and entertainment law firm Grubman Shire Meiselas & Sacks said that after its internal data systems were hacked — and a vast trove of information on its clients was stolen — it has informed its roster of A-list clients of the breach.

“We can confirm that we’ve been victimized by a cyberattack,” the New York-based firm said in a statement to Variety. “We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.”

News of the hack surfaced last week, after a hacker group claimed it infiltrated the Grubman Shire Meiselas & Sacks network and stole a whopping 756 gigabytes of documents on multiple music and entertainment figures. Those include clients past and present, among them: Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera, Mariah Carey, Cam Newton, Bette Midler, Jessica Simpson, Priyanka Chopra, Idina Menzel and Run DMC, the hackers claimed.

The data stolen by the hackers allegedly includes contracts, nondisclosure agreements, phone numbers and email addresses, and private correspondence, the group claimed in a post on a dark web forum, according to cybersecurity firm Emsisoft. The group behind the attack didn’t release all the data they had supposedly purloined. To show the hack was real, they released an excerpt from a contract for Madonna’s 2019-20 “Madame X” tour with Live Nation.

It’s evidently a ransomware attack, in which cybercriminals use the threat of releasing the stolen data as leverage to extort payment. It is not known what demands the hackers have made in connection with the theft of Grubman Shire Meiselas & Sacks data.

The attack on the law firm — whose clients span music artists, actors and TV personalities, sports stars, and media and entertainment companies — was carried out by a group called “REvil,” also known as “Sodinokibi,” according to Emsisoft. The group has previously targeted companies and organizations including Travelex, the U.K.-based currency-exchange company, which paid $2.3 million in bitcoin to hackers after a ransomware attack, the Wall Street Journal reported.

Shirley Halperin contributed to this report.