back to article Papa don't breach: Contracts, personal info on Madonna, Lady Gaga, Elton John, others swiped in celeb law firm 'hack'

Hackers are threatening to release 756GB of A-list celebs' contracts, recording deals, and other personal info allegedly stolen from a New York law firm. The miscreants have seemingly got their hands on confidential agreements, private correspondence, contact details, and other information belonging to superstars, including …

  1. Phil Kingston

    They're fecked then

    1. john.jones.name
      Flame

      insurance

      wonder if they have insurance... at least malpractice... details might well be in the breach material which means they know exactly how much to ask for...

  2. macjules Silver badge
    Facepalm

    Oops

    That's their professional liability insurance gone then. I wouldn't worry too much about Madonna's tour schedule being leaked: it has somewhat changed for 2020.

  3. Anonymous Coward
    Anonymous Coward

    Picking on lawyers doesn't seem the wisest move. Those guys probably have plenty of contacts on the dark side who are willing to do a little wet work...

    1. LucreLout Silver badge

      Picking on lawyers doesn't seem the wisest move.

      Yup, but not for the reasons you gave.

      Lawyers spend all day every day utterly ruining peoples lives with an endless mountain of legal paperwork and bullshit billing at eye watering levels. They're amoral scum.

      I'd rather piss off a hitman than a lawyer. The hitman will either go to work or let the matter go. Lawyers never let the matter go, they just plough on endlessly billing until a judge orders that they stop.

      I've had to take companies to court on three occasions now (not a lawyer) and on each occasion I've handed them their ass. That doesn't mean their dogs of law didn't cause me a lot of needless and undue stress along the way. There needs to be much better protection for individual people against solicitors acting on behalf of corporate clients.

      1. Intractable Potsherd Silver badge

        There is so much I could write on this topic, but I'll keep it short. Lawyers follow the instructions of their clients, even down to means used. Corporate litigation lawyers have one instruction - win this case. They are very good at finding gaps in the law, and following things to a more-or-less logical conclusion. Lawyers at the top are just like anyone else at the top - they want to do the best job they can. Like professional sportspeople, they want to win, and they want to do it often and decisively. If you could afford the same level of legally trained bodies, you'd do the same, unless you are sufficiently clued up to win, usually by appearing in person - judges, in general, will have a lot sympathy for the competent amateur.

        The problem comes from a system that allows huge dissimilarities in representation. To my mind, expenditure should be capped for both sides at the level the poorest engaged person can afford, e.g. if Apple wants to sue Jo Bloggs, legal expenditure is capped at Jo's level. The same if Bloggs wants to sue Apple. This would prevent throwing resources at a case until the other party can no longer afford to continue.

        1. LucreLout Silver badge

          Lawyers follow the instructions of their clients, even down to means used.

          I was only obeying orders is not a good line of defence. If that's actually your thinking then you are the problem in the system as opposed to a useful part of it.

          Like professional sportspeople, they want to win, and they want to do it often and decisively.

          The law exists to stop people sending the boys round or showing up and exacting justice for themselves. That's its only purpose.

          If lawyers can't "win" without damaging the opponent then they should accept the loss. Simply ploughing on when damage is being done to the other party is unacceptable, particularly when the other party has the significantly better case and you're really just hoping to bluff them off the pot by causing as much stress as possible by filing high 5 figure claims for costs (preallocation) for a matter the claimant was trying to resolve in the small claims court.

          The problem comes from a system that allows huge dissimilarities in representation.

          That is part of the problem, but unless you remove the scum from the system they'll simply find another way to attempt to "win" at whatever cost to the other side.

          So far I've never met a lawyer that was any smarter than they were moral, which is why I keep handing them their ass when the law isn't my profession or my education. Quite how it is possible to attempt to enact a flagrant injustice in a brazen attempt to win at all costs and not end up automatically disbarred is beyond me.

          It's time judges had the power to ban solicitors and barristers egregiously pushing a meritless case whose only possible victory lies in intimidating (for that is what it is) the victim with threats of large cost claims. The alternative is that we remove legal protections such that the litigant in person may legally show up at the solicitors home and intimidate and harm them in return - it would focus minds appropriately.

          There's a reason lawyer is consistently the most hated profession next to estate agent.

  4. Dwarf Silver badge

    Sounds like they need some good legal advice.

    Also sounds like they needed some technology advice, but you have to wonder if they were already given such advice and declined it, probably on cost grounds. I wonder what the data dump will say about matters such as IT investment and security.

    1. Nunyabiznes Silver badge

      The lawyers I've contracted with over the years are overwhelmingly IT (expertise) spend adverse. They would rather let you reload their pistol they're shooting themselves in the foot with than spend on knowledge - because they are absolutely sure they are the smartest and most knowledgeable person in any room on any subject. They will spend on shiny IT stuff though.

      1. Intractable Potsherd Silver badge

        "... they are absolutely sure they are the smartest and most knowledgeable person in any room on any subject." Interesting - my experience is that lawyers are quite willing to acknowledge they don't know about $topic*, but then express complete disinterest because they don't know about it!

        *Unlike doctors, especially GPs and surgeons

      2. Anonymous Coward
        Anonymous Coward

        It's way more than just lawyers with this attitude. Your average CEO thinks they're hot shit...they don't understand that it's not their function to think, it's their function to decide after hiring and listening to experts.

        The more you spend, the better the expert (generally), and thus the better the decisions you can make.

  5. Blofeld's Cat Silver badge
    Paris Hilton

    OK ...

    Celeb: My personal details have been leaked ! My privacy has been violated. Get my lawyer on the phone - now !

    Agent: Er ...

    Celeb: OK get me some other lawyer on the phone - now !

    Agent: Right ...

    Celeb: And make sure the press get every last detail of what was leaked.

    1. Agamemnon

      Re: OK ...

      Something I learned doing IT in Media and New Media (as it was called in SOMA in San Francisco in the mid 90s, pre .com) ...

      * All Press is Good Press (when you Spin Spin Sugar).

      [Except perhaps the Sony US hack, nothing good could be done with that.]

  6. Lotaresco Silver badge

    I gave up talking to lawyers about IT security some time ago. They would not even attend free seminars on basic IT security because it detracted from the time they could bill to clients. While spending time with lawyers (various) I have seen appalling practices such as walking out of the office leaving their PC on and unlocked, leaving filing cabinets unlocked, using unencrypted media regularly to take work home which they then copy on to the same PC that their kids use that is connected to the internet without a firewall and doesn't have AV installed. All of our observations as a security consultancy have been dismissed by law firms who asked us in to talk to them about getting ISO27001 or cyber essentials because one of their clients insisted on it. In short if it involves spending money on security law firms for the most part are not interested. The ones that are tend to be niche. Accountants are much more switched on about IT security. I wish some of that would rub off on lawyers.

    1. Pascal Monett Silver badge

      Well, with the upcoming lawsuit that is undoubtedly on the way, I'm sure something is going to rub off on this bunch.

    2. Hawkeye Pierce

      You must have been dealing with some pretty unusual lawyers.

      All the lawyers I know would have found ample opportunity to bill multiple clients for the time they spent attending free seminars...

    3. Neil Brown

      Seminars or sales pitches?

      > They would not even attend free seminars on basic IT security because it detracted from the time they could bill to clients

      I — lawyer — don’t typically attend free seminars on IT stuff, security or otherwise, since they are nearly always, in my experience, a sales pitch disguised as a seminar. Possibly one or two small bits of useful information, but mostly a list of dangers and pitfalls, and an explanation of how the presenter's company's chargeable product / service can solve them. (Perhaps it's exactly the same for non-lawyers going to a lawyer's seminar...?)

      I tried to persuade the Law Society to run a "basics of IT security" session for lawyers in small firms, who may not have IT staff, where the content was vetted so it was practical and implementable and not (just) a sales pitch, but I got no-where, which was a shame.

      1. Lotaresco Silver badge

        Re: Seminars or sales pitches?

        Seminars. And the attitude was exactly like yours...

        We don't use seminars for selling. We also do freebies at BILETA or rather we used to. I've given up because it was obvious to me that the lawyers simply wanted consultancy for free. One of my colleagues who is the lawyer on the team still attends. What you are asking for is provided by BILETA. Not that anyone will be doing conferences for a while.

        1. Neil Brown

          Re: Seminars or sales pitches?

          > And the attitude was exactly like yours...

          Honestly, I'm not surprised, given the volume of marketing bumpf we get sent. Missing what might be a useful seminar is perhaps the price to pay for not sitting through numerous sales pitches.

          Bravo if you are or were doing things with BILETA — although I'd have thought you are mostly hitting lawyers in academia with that crowd (as most BILETA attendees are academics, and IT law academics at that, rather than the broad gamut of practitioners, with a few notable exceptions)?

    4. Aristotles slow and dimwitted horse Silver badge

      Hmm...

      How do you know all of this... " to take work home which they then copy on to the same PC that their kids use that is connected to the internet without a firewall and doesn't have AV installed."

      My suspicion is that you have just made it all up for effect.

      1. Anonymous Coward
        Anonymous Coward

        Re: Hmm...

        Ever wonder who provides home tech support for lawyers (either formal/paid, or informal/friends/relatives)? Answer: lots of people here.

      2. Lotaresco Silver badge

        Re: Hmm...

        "My suspicion is that you have just made it all up for effect."

        My suspicion is that you have never provided security support for small business in the Legal/Financial sector.

        The simple answer to how do we know what they do at home is that we ask them. It's part of our job to assess current security risks before giving advice. Checking the arrangements made for home working is part of that assessment.

        For example:

        Do you work at home?

        How do you do that, do you use IT provided by the practice or do you use your own?

        How do you move data between home and work?

        Is the system you use connected to the Internet?

        Do you have any form of security appliance at home?

        Does anyone else use your home system?

        etc. etc...

        You can even download the checklists for free from some sources, although you are going to have to pay to get copies of ISO27001. It also helps to have been trained and preferably to have passed assessments of your capabilities as an ISO27001 auditor but in theory the client could do it themselves. Except of course that IT geeks get paid less than the partners in a Legal business, so it makes sense for them to outsource the work.

  7. SW10
    FAIL

    Wait

    The whole point of lawyers is to write text in unambiguous language and they say:

    we've been victimised

    No you bloody haven’t. You could maybe say We've been victims, but any good defence lawyer will uncover your contributory negligence

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020