Hacked! From Priyanka Chopra, Madonna to Bruce Springsteen, private data of top celebs stolen

IANS | May 12, 2020, 01:33 PM IST

A large media and entertainment law firm in the US representing top-notch celebrities like Priyanka Chopra, Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen and more has experienced a major data breach where hackers got access to personal data of these celebrities. The trove of data stolen from the New York-based firm by hackers "a total of 756GB" includes contracts, nondisclosure agreements, phone numbers and email addresses, and "personal correspondence ", reports Variety. The law firm Grubman Shire Meiselas & Sacks, or gsmlaw.com for short, experienced a ransomware attack that apparently involved the appropriately named REvil malware.

1/7

Priyanka Chopra

Priyanka Chopra

Apart from Priyanka Chopra, some other celebrities whose sensitive personal data has been hacked are Christina Aguilera, Mariah Carey, Jessica Simpson, Naomi Campbell, Robert De Niro, Sofia Vergara, Spike Lee, the Osbournes (Ozzy, Sharon and Kelly), and several more. Representatives for the law firm did not issue a comment and their website gsmlaw.com was effectively offline, displaying only its logo. (Photo: Reuters)

2/7

Facebook, Samsung, Sony and more

Facebook, Samsung, Sony and more

In addition, top companies on the firm`s client list include Discovery, EMI Music Group, Facebook, HBO, Imax, MTV, NBA Entertainment, Playboy Enterprises, Samsung Electronics, Sony Corp. Spotify, Tribeca Film Festival, Universal Music Group and Vice Media Group, among others. (Madonna Photo: Reuters)

3/7

Extort payment

Extort payment

According to global cybersecurity firm Sophos, rather than simply knocking the law firm out of action temporarily, the ransomware crooks have stolen personal data from a laundry list of celebrity clients. In such ransomware attacks, said Sophos, cybercriminals use the threat of releasing the stolen data as leverage to extort payment. (Lady Gaga Photo: Reuters)

4/7

Double-barrelled weapon

Double-barrelled weapon

REVil, also known as Sodin or Sodinokibi, isn`t just operating on the old-school ransomware model of "scramble your files and offer to sell you back the decryption key". The latest trend in ransomware attacks is to use a double-barrelled weapon that gives victims two reasons to pay up.(Nicki Minaj Photo: Reuters)

5/7

Little choice but to pay

Little choice but to pay

According to Sophos, the original criminal plot behind ransomware was that if you didn`t have reliable backups that you could restore quickly, then you might have little choice but to pay up to decrypt all your scrambled files and get your business moving again.(Bruce Springsteen Photo: Reuters)

6/7

Blackmail those hesitant to pay

Blackmail those hesitant to pay

In recent months, however, the cybercriminals have doubled down on their leverage. Before scrambling all your files as a way of grabbing your attention, the crooks quietly upload huge troves of so-called acetrophy data" that they use to blackmail anyone who is hesitant to pay up. In other words, the financial extortion is no longer just a "kidnap ransom" to get your files back, but also a blackmail demand to stop the crooks leaking your data - or, worse still, your customers` data - to the world. "Indeed, the REvil crew has already followed through on its threats to embarrass victims who don`t pay," Sophos said in a statement on Tuesday. (Christina Aguilera Photo: Reuters)

7/7

What to do?

What to do?

Given that ransomware crooks are no longer just keeping you away from your data but also threatening to put the rest of the world in touch with it, prevention is very much better than cure, said Sophos. (Mariah Carey Photo: Reuters)