Maintaining Cybersecurity with Third Parties and Vendors Receiving Sensitive or Private Data
In May 2020, a prominent media and entertainment law firm fell victim to a ransomware attack, risking the widespread release of sensitive, valuable, and potentially damaging information belonging to its clients, which include A-list celebrities like Lady Gaga and Robert De Niro. The hackers’ ransom demands have exceeded $40 million, with threats to release personal client information to the public if their demands are not met. Then, in early July, the hackers reportedly placed documents belonging to Nicki Minaj, Mariah Carey, and LeBron James up for auction on the dark web. This high-profile extortion effort serves as a stark reminder of the significant and growing cyber risks that exist with the many third parties that use, secure, and process sensitive data for others.