A large number of high-profile celebrities have reportedly had private data hacked following a security breach at an entertainment law firm.
New York-based firm Grubman Shire Meiselas & Sacks confirmed they were a victim of a cyberattack in a statement to Variety.
“We can confirm that we’ve been victimized by a cyberattack. We have notified our clients and our staff. We have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.”
The group known as either “REvil” or “Sodinokibi” is reportedly behind the hack and allegedly stole a whopping 756 gigabytes of private data on some of the world’s most high-profile celebrities. The group claims to have information on clients both past and present of the firm, including: Lady Gaga, Madonna, Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera, Mariah Carey, Cam Newton, Bette Midler, Jessica Simpson, Priyanka Chopra, Idina Menzel and Run DMC.
The hackers further claim to have documents ranging from contracts, nondisclosure agreements, phone numbers, addresses and more, according to Variety. So far, the only document that has been released was an excerpt from the contract for Madonna’s 2019-20 “Madame X” tour which was posted on the dark web, according to cybersecurity firm Emsisoft.
WATCH MORE: Madonna Cancels Multiple ‘Madame X’ Shows On Doctors Orders Amid Overwhelming Pain
A report from Page Six alleged that the ransomware attackers are now requesting $21 million in exchange for the stolen data.
“The hackers got into the system while everyone was focused on the coronavirus. We assume, but there is no confirmation, that the hackers are Eastern European. They are demanding a $21 million ransom, and the firm is not negotiating with them,” the report said.
It remains to be seen how effective this tactic might be, as just this past January the hackers successfully targeted the foreign exchange company Travelex. The company ultimately paid the hackers $2.3 million in bitcoin.