The REvil ransomware gang, who stole personal data from the network law firm Grubman Shire Meiselas & Sacks, are now threatening to auction details associated with the company’s celebrity clients. The data of the first celebrity auction has been set for 1st July.
The hack took place in early May when REvil infiltrated the law firm’s network and reportedly stole up to 756GB of data.
The hackers claim that this stolen data includes contacts, non-disclosure agreements, phone numbers, email addresses and private correspondence.
To prove that they had obtained the stolen material, the hackers released files that related to Lady Gaga.
The group also previously threatened to reveal information related to the US President Donald Trump.
The REvil ransomware gang are threatening to auction celebrity’s details
The hack took place in early May when REvil infiltrated the law firm’s network
In a statement online, the hackers wrote: “There’s an election going on, and we found a ton of dirty laundry on time.”
However, Mr Trump has reportedly never been a client with Grubman.
Speaking to the Express, Brett Callow, a threat analysis at Emsisoft, explained that REvil did not say the information relating to Mr Trump came from Grubman but said it had been “accumulated over the entire time of our activity”.
Mr Callow said: “I suspect they had nothing and it was simply a bluff intended to put additional pressure on Grubman.
READ MORE:North Korean hacker group Lazarus targets British crypto users
The data of the first celebrity auction has been set for 1st July
“That said, REvil has penetrated numerous corporate networks and posted information relating to companies such as Exxon, Imperial Oil and Halliburton, so who knows what they may have stumbled across.”
On 1 July the hackers said they will auction material related to Nicki Minaji, Mariah Carey, and LeBron James for a start price of $600,000 (£482,665).
In a press release, the REvil group said: “We have audited the Mr. Grubman documentation and ready to provide the data to general public for sale.
“There are so many value files, and the lucky ones who buy these data will be satisfied for a very long time.”
I’m A Celebrity…Get Me Out of Here! suffers shocking format change [UPDATE]Strictly Come Dancing: Neil Jones to ‘miss out’ on partner this year? [INSIGHT]Phillip Schofield: How This Morning star narrowly avoided being sacked [ANALYSIS]
The group also previously threatened to reveal information related to the US President Donald Trump
Mr Trump has reportedly never been a client with Grubman
In a statement in May, the law firm said: “Our elections, our government and our personal information are under escalating attacks by foreign cybercriminals.
“Law firms are not immune from this malicious activity.
“Despite our substantial investment in state-of-the-art technology, foreign cyberterrorists have hacked into our network and are demanding $42 million (£34.7 million) as ransom.”
They added: “We are working directly with federal law enforcement and continue to work around the clock with the world’s leading experts to address this situation.”
The law firm also stated that the FBI had told them that negotiating with, or paying ransom to terrorists is a violation of federal criminal law in America.
Mr Callow explained that ransomware attacks only succeed because of irresponsible security.
He said: “Companies need to adhere to best practices such as prompt patching and using multi-factor authentication everywhere that it should be used.
“This significantly reduces the likelihood of them being successfully attacked.
Ransomware attacks only succeed because of irresponsible security
“Once a company’s data has been stolen, it has no good options. Even if a company pays the ransom, it’ll simply receive a pinky promise that the stolen data will be destroyed – and, as that pinky promise is coming from criminals, it carries very little weight.”
Emsisoft have estimated that ransomware costs the global economy about $170 billion (£138 billion) which Mr Callow explains is an “extremely conservative estimate”.
He added: “The only way to stop these attacks is to cut off the cash flow, and that means companies must refuse to pay ransoms. Grubman is to be applauded for having done just that.”