iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Hacktivists have claimed to have stolen records from Disney’s internal Slack channels, containing messages, files and data pertaining to unreleased projects.
The group, which goes by the name NullBulge, announced the incident on X (formerly Twitter), claiming to have stolen the entirety of Disney’s internal development Slack channel.
“1.1TiB of files and chat messages. Anything we could get our hands on, we downloaded and packaged up. Want to see what goes on behind the doors? go grab it,” the group said.
The group posted a link to the alleged stolen data, which it claims contains “unreleased projects, raw images and code, some logins, links to internal api/web pages, and more”.
The group also claims to have had an inside man at Disney, who eventually ejected them from Disney’s network.
“We tried to hold off until we got deeper in, but our inside man got cold feet and kicked us out,” the group said.
The group then named the alleged Disney staff member and said it would leak his personal information, including “logins to credit cards to SSN, as a warning for people in the future”.
NullBulge claims to be a hacktivist group that works to protect artists from theft “and to promote a fair and sustainable ecosystem for creators”.
“Our hacks are not those of malice, but those to punish those caught stealing. Big and small theft, meet the same fate. Be wary where you get content from, because we will work tirelessly to develop and implement solutions that protect the rights and livelihoods of artists in the digital age,” it said.
Like many threat groups, the group claims to be doing what it does for the good of a certain group. However, the outing of the Disney staffer who helped them leak the data is proof they will backstab those that they not only swore to protect but also those who help them.
While the legitimacy of the leak is yet to be verified, the data breach could pose a major risk for Disney. The publishing of unreleased projects could set the company back millions, while the logins and other data could prove a treasure trove for other threat actors.
Depending on the full contents of the data, other companies, such as contractors used by Disney, as well as staff and more, could be at risk.
Disney is yet to publicly acknowledge the incident.
Be the first to hear the latest developments in the cyber industry.
