Hackers who stole data from Lady Gaga are demanding $21 million – but her lawyers aren’t caving anytime soon
Hackers who stole data from a constellation of stars – including Lady Gaga – are demanding $21 million for the return of sensitive files, according to sources.
Grubman Shire Meiselas & Sacks, based in New York, US, were pillaged of more than 756 gigabytes of data including contracts, settlements, non-disclosure agreements and personal emails by a group of hackers on Tuesday (May 12).
The group, known as “REvil” or “Sodinokibi”, are holding the data to ransom, insiders told the New York Post’s Page Six gossip column, but Gaga’s legal team is refusing to negotiate with them.
Since the incident, the Grubman Shire Meiselas & Sacks website has been inactive – scaled back and only showing the firm’s logo.
Hackers who stole data from Lady Gaga also targeted Madonna.
Madonna, Barbra Streisand, Nicki Minaj, Lizzo, Elton John, Lil Nas X and Mariah Carey are among the star-studded client list handled by the firm.
Others named include Andrew Lloyd Webber, Sofia Vergara, U2 and Drake.
“The hackers got into the system while everyone was focused on the coronavirus,” a source told the outlet.
“They are demanding a $21 million ransom, and the firm is not negotiating with them.”
Moreover, the outlet claimed that multiple sources have informed Page Six that Federal Bureau of Investigation detectives are now handling the case.
The law firm said in a statement on the day of the attack: “We can confirm that we’ve been victimised by a cyberattack. We have notified our clients and our staff.
“We have hired the world’s experts who specialise in this area, and we are working around the clock to address these matters.”
The group released excerpts of a July 2019 contract related to Madonna’s recent Madame X tour, according to cybersecurity firm Emsisoft. It contains, the firm said, the social security details of a crew member.
REvil/Sodinokibi has an extensive track record of previous cyber crimes, online security firms say.
Members previously attacked foreign exchange company Travelex with ransomware in January.
Ransomware, a malicious type of software that encrypts data until a ransom is paid, is one of the biggest cyber-security threats. Hackers typically demand funds be paid with the untraceable cryptocurrency Bitcoin.