Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages

A radical calling itself “NullBulge” published a 1.1-terabyte trove of information precocious past week that it claims is simply a dump of Disney's interior Slack archive. The information allegedly includes each connection and record from astir 10,000 channels, including unreleased projects, code, images, login credentials, and links to interior websites and APIs.

The hackers assertion they got entree to the information from a Disney insider and named the alleged collaborator. A idiosyncratic with that sanction who lists Disney arsenic their existent leader did not instrumentality WIRED's petition for comment. Disney did not corroborate the breach oregon instrumentality aggregate requests for remark astir the legitimacy of the stolen data. A Disney spokesperson told the Wall Street Journal that the institution “is investigating this matter.”

The data, which appears to person been archetypal published connected Thursday, was posted connected BreachForums and aboriginal taken down, but it is inactive unrecorded connected reflector sites.

Roei Sherman, tract CTO astatine Mitiga Security, says helium isn't amazed that a elephantine similar Disney could person a breach of this standard and significance. “Companies are getting breached each the time, particularly information theft from the unreality and software-as-a-service platforms,” helium says. “It is conscionable easier for attackers and holds bigger rewards."

Sherman, who reviewed the information successful the leak, added that, “all of it looks legit. A batch of URLs, conversations of employees, immoderate credentials and different content.”

The NullBulge tract says that it is simply a “hacktivist radical protecting artists’ rights and ensuring just compensation for their work.” The radical claims it lone hacks targets that interruption 1 of 3 “sins.” First: “We bash not condone immoderate signifier of promoting crypto currencies oregon crypto related products/services.” Second: “We judge AI-generated artwork harms the originative manufacture and should beryllium discouraged.” And third: “Any theft from Patreons, different supportive creator platforms, oregon artists successful general.”

The group's “Wall of Knowledge,” wherever it lists its information dumps, summarizes the philosophy: “What amended mode to punish idiosyncratic than getting them successful occupation eh?” Previously, the radical targeted the Indian contented creator “Chief Shifter” with a “First Shaming.” Then successful a May NullBulge posted a “Second Punch” and teased the Disney breach. “Here is 1 I ne'er thought I would get this rapidly ... Disney. Yes, that Disney," NullBuldge wrote, suggesting that the radical whitethorn beryllium a azygous person. “The onslaught has lone conscionable started, but we person immoderate bully shit. To amusement we are serious, present is 2 files from inside.”

In summation to the alleged Slack data, NullBulge besides posted what appears to beryllium elaborate accusation astir the idiosyncratic who was seemingly providing the insider entree and data. The leak includes aesculapian records and different personally identifying information, positive the alleged contents of the alleged Disney employee's 1Password password manager. NullBulge seemingly doxxed the idiosyncratic successful retaliation for cutting disconnected connection and access.

Security researchers person agelong warned astir firm Slack accounts arsenic a treasure trove for attackers if compromised. The fashionable squad connection level is owned by Salesforce and is utilized by an array of salient organizations, including IBM, Capital One bank, Uber, and Disney rival Paramount.

“Disney volition astir apt beryllium targeted a batch much present by opportunistic menace actors,” Sherman warns.