STOCK MARKET BSE NSE

Personal data of top celebrities including Priyanka Chopra, Robert De Niro hacked

The trove of data stolen from the New York-based firm by hackers "a total of 756GB" includes contracts, nondisclosure agreements, phone numbers and email addresses.

Published: 12th May 2020 01:38 PM  |   Last Updated: 12th May 2020 01:38 PM   |  A+A-

Robert De Niro and Priyanka Chopra

Robert De Niro and Priyanka Chopra

By IANS

LOS ANGELES: A large media and entertainment law firm in the US representing top-notch celebrities like Priyanka Chopra, Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen and more has experienced a major data breach where hackers got access to personal data of these celebrities.

The trove of data stolen from the New York-based firm by hackers "a total of 756GB" includes contracts, nondisclosure agreements, phone numbers and email addresses, and "personal correspondence ", reports Variety.

The law firm Grubman Shire Meiselas & Sacks, or gsmlaw.com for short, experienced a ransomware attack that apparently involved the appropriately named REvil malware.

Other celebrities whose sensitive personal data has been hacked are Christina Aguilera, Mariah Carey, Jessica Simpson, Naomi Campbell, Robert De Niro, Sofia Vergara, Spike Lee, the Osbournes (Ozzy, Sharon and Kelly), and several more.

Representatives for the law firm did not issue comment and their website gsmlaw.com was effectively offline, displaying only its logo.

In addition, top companies on the firm's client list include Discovery, EMI Music Group, Facebook, HBO, Imax, MTV, NBA Entertainment, Playboy Enterprises, Samsung Electronics, Sony Corp. Spotify, Tribeca Film Festival, Universal Music Group and Vice Media Group, among others.

According to global cybersecurity firm Sophos, rather than simply knocking the law firm out of action temporarily, the ransomware crooks have stolen personal data from a laundry list of celebrity clients.

In such ransomware attacks, said Sophos, cybercriminals use the threat of releasing the stolen data as leverage to extort payment.

REVil, also known as Sodin or Sodinokibi, isn't just operating on the old-school ransomware model of "scramble your files and offer to sell you back the decryption key".

The latest trend in ransomware attacks is to use a double-barrelled weapon that gives victims two reasons to pay up.

According to Sophos, the original criminal plot behind ransomware was that if you didn't have reliable backups that you could restore quickly, then you might have little choice but to pay up to decrypt all your scrambled files and get your business moving again.

In recent months, however, the cybercriminals have doubled down on their leverage.

Before scrambling all your files as a way of grabbing your attention, the crooks quietly upload huge troves of so-called acetrophy data" that they use to blackmail anyone who is hesitant to pay up.

In other words, the financial extortion is no longer just a "kidnap ransom" to get your files back, but also a blackmail demand to stop the crooks leaking your data - or, worse still, your customers' data - to the world.

"Indeed, the REvil crew has already followed through on its threats to embarrass victims who don't pay," Sophos said in a statement on Tuesday.

Given that ransomware crooks are no longer just keeping you away from your data but also threatening to put the rest of the world in touch with it, prevention is very much better than cure, said Sophos.

Less star-studded but no less worrying is a simultaneous report that global mailing equipment company Pitney Bowes has experienced an attack by the Maze ransomware.

According to Sophos, Maze is another cybercrime gang that goes in for huge ransoms and threatens to expose stolen data, infamously demanding about $6,000,000 last year from cable and wire manufacturer Southwire.

Southwire hit back by filing a so-called John Doe (the name used in the USA where defendants haven't yet been identified) civil lawsuit against the as-yet-unknown criminals behind Maze.



Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

IPL_2020
flipboard facebook twitter whatsapp