A $42 million ransom demand for hacked files that purportedly threaten to incriminate President Donald Trump is hanging over a New York law firm representing some of the top acts in the entertainment business.
A criminal group stole data from the systems of Grubman Shire Meiselas & Sachs and has threatened to release damaging documents involving the president if the ransom is not paid.
The hackers have claimed that the data includes contracts, emails and nondisclosure agreements involving a number of prominent music and entertainment figures.
The firm mostly represents well-known recording artists such as Elton John, Madonna, Lizzo, Bruce Springsteen and Lady Gaga.
Earlier this month, the hackers posted snippets of contracts related to some of the firm’s clients, including Madonna, as evidence that they have access to the files.
“The next person we’ll be publishing is Donald Trump,” the group said last week on its blog, according to reports. “There’s an election race going on, and we found a ton of dirty laundry on time. And to you voters, we can let you know that after such a publication, you certainly don’t want to see him as president.”
The firm said it is cooperating with law enforcement officials, including the FBI, to resolve the data breach and said it has no intention of meeting the ransom demand.
“We have been informed by the experts and the FBI that negotiating with or paying ransom to terrorists is a violation of federal criminal law,” a representative for the firm said in a statement. “Even when enormous ransoms have been paid, the criminals often leak the documents anyway.”
The firm has not commented on the contents of the hacked documents and communications but has not disputed their validity.
The hackers initially demanded $21 million when they first revealed the data breach. They upped that amount to $42 million and shared 169 emails from the law firm’s accounts.
None contained any “dirty laundry” on Trump. The ones that mentioned the president were related to other clients and dealt with such matters as rights clearances for video before he was elected.
It’s the highest-profile hack involving the entertainment industry since North Korea breached the computer systems of Sony Pictures Entertainment. The 2014 cyber attack, triggered by Sony’s release of “The Interview,” wiped out data from Sony servers, exposed the personal information of tens of thousands of people, and unveiled embarrassing emails between the likes of then-studio chief Amy Pascal and producer Scott Rudin.
Authorities have cited a rise in cyber attacks since the coronavirus crisis shut down the economy and forced many employees to work from home, where internet connections may not be as secure as in a workplace.
The hackers who targeted Grubman are believed to be based in Eastern Europe. Last year, they used their REvil ransomware to attack London-based foreign currency dealer Travelex and asked for $6 million.