Hacker Group Leaks Data From Disney’s Private Slack

Hacker group NullBulge published private data from Walt Disney’s internal Slack workplace, from around 10,000 channels, online. According to Reuters, the group claimed to have stolen 1 terabyte of data from the entertainment company, including login details, ad campaign discussions, new employees and candidates evaluations, details about upcoming private projects, and more information from up to 2019.

“Disney is investigating this matter,” replied a spokesperson from Disney to Reuters via email. The entertainment company hasn’t shared more details or made public announcements yet.

According to Wired, NullBulge said they got access through one of Disney’s employees who acted as a collaborator, but this information hasn’t been confirmed.

The stolen data was first published on Thursday on the popular hacker forum BreachForums. The post was taken down, but the information had already been spread through mirror sites.

“All of it looks legit—a lot of URLs, conversations of employees, some credentials, and other content,” said Roei Sherman—field CTO at Mitiga Security who read the information leaked—to Wired. “Companies are getting breached all the time, especially data theft from the cloud and software-as-a-service platforms,” he added, “it is just easier for attackers and holds bigger rewards.”

Nullbulge described its organization as a hacktivist group protecting artists’ rights. On its website, it explains that the group hacks those who commit one of the three “sins”: sharing AI artwork, theft—from Patreon or other platforms supporting artists—, and crypto promotion.

“Our mission is to enact ways to ensure that theft from artists is reduced and to promote a fair and sustainable ecosystem for creators,” Nullbulge states on its website, where the organization also shares the services it provides, blog posts, and appearances in the media.

Disney’s leak isn’t the only one reported this month. A few days ago, a hacker posted a compilation of 10 billion passwords with information from people and companies across the world.