The private legal diplomacy of dozens of the world'due south biggest music and movie stars — Lady Gaga, Elton John, Robert DeNiro, and Madonna amidst them —  are at gamble of exposure following a ransomware set on on a high profile New York entertainment police force firm.

Grubman Shire Meiselas & Sacks have reportedly been striking by the REvil ransomware (also known as Sodinokibi), with the attackers threatening to release up to 756GB of stolen data in nine staged releases.

The stolen data includes confidential contracts, telephone numbers, email addresses, personal correspondence, non-disclosure agreements and more. The ransom amount demanded is not bachelor, even so information technology is invariably paid in Bitcoin.

Cointelegraph has viewed the gang's darknet site where they published screenshots of legal contracts for Madonna, Christina Aguilera and of the company'southward computer binder system.

Credible and proven threat

Brett Callow from information security firm Emsisoft said the alienation could accept serious privacy ramifications as law firms hold highly sensitive data about their clients..

"It's non only bad news for the firm; it likewise puts the clients whose data has been exposed at risk of bribery, spear phishing, identity theft and other types of fraud. In this instance, REvil claim to have exfiltrated a total of 756GB of data."

Callow described the screenshots leaked by the hackers equally "the equivalent of a kidnapper sending a pinky finger".

The firm represents a 'Who's Who' of Hollywood and the music industry including: AC/DC, Barbara Streisand, Bette Midler, KISS, U2, Madonna, Maroon 5, Robert De Niro, Elton John, John Mellencamp, Rod Stewart, Ricky Martin, Shania Twain, Osculation, The Weeknd, Lil Wayne, and David Letterman.

Information technology also represents companies including Facebook, Activision, iHeartMedia, IMAX, Sony, HBO, and Vice Media, likewise as athletes including LeBron James, Carmelo Anthony, Sloane Stephens and Colin Kaepernick.

Just a warning shot … for now

"The data published and then far would seem to only exist a warning shot," Unconversant said. "Should the firm not pay, whatever data the criminals the criminals may accept obtained volition exist published online, probably in instalments in guild to gradually ramp upward the pressure level."

REvil has previously attacked Travelex, 10x Genomics, Brooks International, Kenneth Cole and National Association of Eating Disorders and published information online from each. Travlex paid $2.3 million to recover its files.

Threatening to release visitor secrets has get an increasingly popular method past ransomware crews to ratchet up the pressure on companies to pay.

It was popularized by the Maze Crew who fabricated good on threats late terminal yr to release confidential information from security contractor Allied Universal afterward information technology failed to pay up.

Cointelegraph has contacted Grubman Shire Meiselas & Sacks for annotate.