Imagine the horror of waking one morning to discover that your law office systems have been breached and sensitive information on your most important clients has been stolen.
Even worse, it’s all over the news.
That nightmare scenario became a reality for a New York media and entertainment law firm that represents Madonna, Bruce Springsteen, Lady Gaga and other top stars.
Samples of the purloined documents, which allegedly included a portion of a contract from Madonna’s Madame X tour, were published by the hackers online. Cybersecurity experts described this as a “warning shot” and the equivalent of a “kidnapper sending a pinky finger.”
Cybercriminals are using sophisticated social engineering and email phishing scams to exploit COVID-19 fears and anxiety. Stay a step ahead of the bad guys by attending our FREE, one-hour CLE webinar on June 18. Cybersecurity expert Erich Kron will discuss the current threats and phishing traps, how the attackers are targeting remote workers, and what to expect in coming months. This is the latest in Alta Pro’s continuing series of cutting-edge webinars on issues that matter most to your practice. Register here.
“A media and entertainment law firm representing high-profile artists like Lady Gaga, Madonna, Nicki Minaj and Bruce Springsteen has verified to clients a recent report that the company’s internal data systems were hacked, potentially exposing a trove of sensitive data,” according to this report in Rolling Stone. “Variety reported last week that a hacker group known as ‘REvil’ or ‘Sodinokibi’ claimed it had stolen 756 gigabytes of sensitive documents from the network of the New York law firm. The hackers alleged that the impacted clients included Lady Gaga, Madonna, Minaj, Springsteen, Mary J. Blige, Mariah Carey, Bette Midler, Christina Aguilera, Idina Menzel, Run DMC, Cam Newton, Jessica Simpson, Priyanka Chopra and Ella Mai.”
Following are some key takeaways from the Rolling Stone piece:
- The stolen data allegedly included phone numbers, email addresses, personal correspondence, contracts and nondisclosure agreements.
- Evidence of the crime was posted on the dark web by the hackers, whose identities were hidden by encryption.
- One expert told Variety that by releasing some of the stolen documents, the criminals were threatening to release more unless the law firm pays a ransom (it’s unclear at this time if a formal ransom demand has been made, and, if so, how much was demanded).
- Experts say law firms are particularly tempting targets for cybercriminals. From Rolling Stone: “Previous incidents have resulted in details veterans’ PTSD claims and child neglect cases being published online. And all of this information was posted on the clear web where it could be easily accessed by anybody with an internet connection.”
- US companies (not just law firms) paid more than $1.3 billion in ransomware attacks in 2019. The international cost is nearly $170 billion.
Alta Pro Insurance Services can help keep your practice strong and viable during these uncertain times. When you have professional liability coverage with Alta Pro, you’re automatically enrolled in the Alta Pro Lawyers RPG, which gives you access to a broad range of benefits, including the Pro Practice Playbook, Ask the Risk Pro, Reminger ProLink, discounts on Clio cloud software and much more. Here’s how to join.