Last week, it was announced that eminent entertainment law firm Grubman, Shire, Meiselas and Sacks (Grubman) was the victim of a significant cyberattack. Current reports suggest that in addition to encrypting the firm’s data, so that the firm cannot gain access to its own files, the perpetrators made away with a massive amount of privileged data, including contracts, nondisclosure agreements, phone numbers, email addresses, and private correspondence of the firm’s clients. The attack has garnered international attention for the high-profile individuals potentially affected and the large public ransom demand, which stands at $42,000,000 as of this writing.
The attack involved the use of well-known ransomware (called REvil/Sodinokibi), which has been used in a number of other high-profile cyberattacks, such as the one on foreign exchange firm Travelex. The identities of the attackers are not publicly known, but the track record of REvil’s operators suggests they are sophisticated and experienced. The perpetrators have released a handful of documents to prove the validity of their claims, and sources suggest that they will publish the data in installments if their demands are not met.
Continue Reading The Grubman Ransomware Attack and What It Means for the Cyber Risks That You May Face