Attorney Allen Grubman — the most prominent entertainment attorney in the world, whose firm represents stars including Lady Gaga, Madonna, Mariah Carey, U2, Bruce Springsteen, Priyanka Chopra, and Bette Midler — was being shaken down by hackers who attacked his New York law firm for $21 million until today.
Hacking group REvil got into his firm’s server and stole 756 gigabytes of confidential documents, including contracts and personal e-mails from a host of Hollywood and music stars. They also deleted or encrypted the firm’s backups. The only way it can be decrypted is to pay the criminals for a key.
Grubman, we’re told, is refusing to negotiate. A source said,
“His view is, if he paid, the hackers might release the documents anyway. Plus the FBI has stated this hack is considered an act of international terrorism, and we don’t negotiate with terrorists.”
On Thursday, the hackers upped the ante by posting a chilling new message saying, “The ransom is now [doubled to] $42,000,000 …
The next person we’ll be publishing is Donald Trump. There’s an election going on, and we found a ton of dirty laundry on time.”
They added, “Mr Trump, if you want to stay president, poke a sharp stick at the guys, otherwise you may forget this ambition forever. And to you voters, we can let you know that after such a publication, you certainly don’t want to see him as president … The deadline is one week.
“Grubman, we will destroy your company down to the ground if we don’t see the money.”
It is not clear why the hackers connected Trump to Grubman. The president has never been a Grubman client, according to sources, either as a private businessman or during his administration.
On Thursday, the hackers claimed to have hacked another prominent US firm and also posted a file of stolen documents titled “Lady Gaga” on their site on the dark web.
The contents of the documents in the file were not immediately clear, but cybersecurity software company Emsisoft, which specializes in ransomware, spotted it.
NO GUARANTEE THE CRIMINALS WILL DESTROY THE STOLEN DATA
An analyst at Emsisoft, Brett Callow, said, “Companies in this situation have no good options available … Even if they pay the ransom demand, there is no guarantee the criminals will destroy the stolen data if it has a high market value. The data may still be sold or traded … In these cases, it’s possible that the criminals will attempt to extort money directly from the people whose information was exposed.”
PERSONAL INFORMATION UNDER ESCALATING ATTACKS
Grubman’s law firm, Grubman, Shire, Meiselas and Sacks, said in a statement to Page Six, “Our elections, our government and our personal information are under escalating attacks by foreign cybercriminals. Law firms are not immune from this malicious activity.
“Despite our substantial investment in state-of-the-art technology security, foreign cyberterrorists have hacked into our network and are demanding $42 million as ransom. We are working directly with federal law enforcement and continue to work around the clock with the world’s leading experts to address this situation.
“The leaking of our clients’ documents is a despicable and illegal attack by these foreign cyberterrorists who make their living attempting to extort high-profile U.S. companies, government entities, entertainers, politicians, and others. Previously, the United States Department of Defense, HBO, Goldman Sachs, as well as numerous state and local governments, have been victims of similar cybercriminal attacks.
PAYING RANSOM TO TERRORISTS VIOLATES FEDERAL LAW
“We have been informed by the experts and the FBI that negotiating with or paying ransom to terrorists is a violation of federal criminal law. Even when enormous ransoms have been paid, the criminals often leak the documents anyway.
“We are grateful to our clients for their overwhelming support and for recognizing that nobody is safe from cyberterrorism today. We continue to represent our clients with the utmost professionalism worthy of their elite stature, exercising the quality, integrity, and excellence that have made us the number-one entertainment and media law firm in the world.”
UPDATE [18 May 2020]
The firm said that Trump has never been a client of theirs.
Currently, there is no evidence the hackers actually have damaging information about the President.
A spokesperson for the law firm said the hackers were demanding a $42 million ransom. Otherwise, the hackers said they’ll release more of the firm’s documents. The spokesperson said the firm is working with the FBI and they will not pay the ransom.
CNN has reached out to the FBI for comment.”The leaking of our clients’ documents is a despicable and illegal attack by these foreign cyberterrorists who make their living attempting to extort high-profile US companies, government entities, entertainers, politicians, and others,” the spokesperson said.
“We have been informed by the experts and the FBI that negotiating with or paying ransom to terrorists is a violation of federal criminal law,” the spokesperson added.
“Even when enormous ransoms have been paid, the criminals often leak the documents anyway.
“Companies and local governments across the US and around the world have been the target of ransomware attacks. Hackers get access to a victim’s system and often encrypt a victim’s files — only giving victims access to their own files after they pay a ransom.