Breach, Threat Management, Data Security, Malware, Ransomware

LeBron James among the 1st stars to have their stolen law firm files put up for auction

The Sodinokibi/REvil ransomware gang has apparently made good on its threat to auction off files it lifted from celebrity law firm Grubman Shire Meiselas & Sacks.

The group on July 1 reportedly placed legal documents corresponding to Nicki Minaj, Mariah Carey and LeBron James up for bid, with the starting price set at $600,000 per lot. The next set of auctions is set for July 3 and will include documents pertaining to entertainment and media companies Bad Boy Entertainment Holdings ($750,000), Universal ($1 million) and MTV ($1 million).

Bidders can buy all of the stolen documents from all clients for $42 million, which is the amount the attackers were demanding in ransom from the law firm, which has refused to pay.

Auctioning off stolen data creates another potential avenue for monetization while also ratcheting up pressure on victims to pay or at least negotiate.

"I’m not sure whether REvil actually anticipates being able to monetize this data. Who’d pay so much for legal documents? The celebrities?" said Brett Callow, threat analyst at Emsisoft. "It could be the case that the group is conducting the auction simply to demonstrate to future victims that they can cause problems that extend well beyond the initial ransomware attack and that payment is the least painful option."

It was approximately one month ago that the Sodinokibi group first announced the launch of its own auction websiteReportedly, the group debuted its new service by offering up files stolen from a Canadian agriculture company. Another news report identified a second victim as a food and harvest distributor with more than 10,000 stolen files up for auction. At the time, the group also reportedly floated the idea of selling files on Madonna from Grubman Shire Meiselas & Sacks, but for now it appears that the group instead has opted to focus on other celebrities and media entities.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.