Grubman Shire Meiselas & Sacks (GSMS), one of the best known law firms in the music business, has been hit by a cyberattack – and the perpetrators want $21m to keep confidential files out of the public domain.
A hacking group calling itself REvil is claiming responsibility for the ransomware attack. It is threatening to release personal details of GSMS clients, including Elton John, Lady Gaga, Barbra Streisand, Lizzo and Madonna, unless GSMS pays up.
New York-based GSMS, which was founded by Allen Grubman in the 1970s, said this week in a statement: “We can confirm that we’ve been victimized by a cyberattack.
“We have notified our clients and our staff. [We] have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.”
According to Page Six, the FBI is now investigating the matter.
REvil claims to have obtained 756 gigabytes of data from GSMS, including contracts and personal emails from superstar clients. They have already posted a screenshot of what appears to be a contract for Madonna on the dark web.
“We have notified our clients and our staff. [We] have hired the world’s experts who specialize in this area, and we are working around the clock to address these matters.”
Grubman Shire Meiselas & Sacks
This isn’t the first ‘ransomware’ attack attributed to REvil. The group has previously targeted the likes of Brooks International, Kenneth Cole, and the National Association of Eating Disorders, as well as UK-based foreign exchange firm Travelex, which reportedly agreed to pay $2.3 million to free its confidential files from the group’s malware.
The news of the GSMS attack was first reported by Variety, after cybersecurity software company Emsisoft, which specializes in ransomware, spotted a post by the hackers on a forum on the dark web.
Artists (and GSMS clients) whose data is caught up in the REvil trove also include Nicki Minaj, Bruce Springsteen, Mary J. Blige, Ella Mai, Christina Aguilera and Mariah Carey.
Companies that have been represented by GSMS in the past include Universal Music Group, Sony/ATV, Sony Corp, Facebook, Spotify and iHeartMedia.
Since news of the hack emerged, Grubman Shire Meiselas & Sacks’ website has displayed only a logo, with no further information on the company made available.Music Business Worldwide