Disney faces potential data breach, hacker group claims massive leak
NullBulge says motive is to expose potential corporate malpractices
The Walt Disney Company is reeling from a suspected cyberattack by a hacktivist group calling itself NullBulge, exposing a significant amount of sensitive information.
NullBulge announced its exploit on 12 July on both the cybercrime forum Breach Forums and X/Twitter.
The group said it infiltrated Disney's internal Slack communication platform, leaking 1.2 terabytes of data online.
The leaked data reportedly includes messages, files, code, and other confidential information from nearly 10,000 different channels within Disney's Slack workspace.
While the full extent of the leak remains unclear, Stack Diary said it was able to view snippets of the data. Based on its analysis, the leak exposes a wide range of Disney's internal operations, including project details, financial data, email exchanges, and potentially sensitive information such as internal network structures and developer-oriented data.
The leak may also contain employee information like names, email addresses, and even home addresses in some cases. Financial data such as advertising budgets for Disney and its streaming services is also reportedly included.
Security researchers at VX-Underground speculate that infostealer malware might be behind the Disney breach, if the claims are confirmed.
NullBulge claims its motive is to expose potential corporate malpractices, particularly regarding artist compensation. The group aligns itself with ongoing controversies surrounding Disney's treatment of creators.
Disney has faced criticism in recent years regarding artist compensation, with prominent figures like Neil Gaiman accusing the company of withholding royalties for works based on its properties. The issue gained traction after author Alan Dean Foster publicly declared he wasn't receiving royalties for his "Star Wars" and "Alien" novelisations after Disney acquired the franchises.
While there have been some settlements, many creators continue to fight for fair pay.
The leak of proprietary information, project plans, and internal discussions raises concerns about potential disruptions to Disney's operations. Disney has yet to officially comment.
Data security is paramount for companies like Disney, especially considering the fallout of previous leaks. The 2023 Insomniac Games hack exposed confidential details about unreleased projects, highlighting the vulnerability of such information.
Breaching a company's Slack channel seems to be a recurring theme in recent cyberattacks on major corporations, as seen with the Rockstar Games hack in 2022. In that case, leaked footage of Grand Theft Auto 6 surfaced online, costing Take-Two Interactive, Rockstar's parent company, an estimated $5 million.
News of the Disney breach comes hot on the heels of recent attacks on AT&T and Ticketmaster, highlighting what looks like the targeting of major US corporations.
Late last week, AT&T revealed a hack compromising call records and text message logs of "nearly all" customers, affecting over 110 million people. The Ticketmaster data breach involving leaked concert ticket barcodes is ongoing, with hackers demanding millions in ransom to prevent further leaks.