A group of alleged hackers claims responsibility for breaching Disney’s IT systems and exfiltrating approximately 1.1 terabytes of sensitive information from the company’s internal Slack messaging channels, reportedly compromising confidential data and potentially compromising the leisure giant’s intellectual property.
The notorious hacking collective, self-proclaimed as NullBulge, recently disclosed on a clandestine online forum that their initial plan was to delay announcing the breach until they could gain access to additional sensitive information; however, an “insider” unexpectedly grew cold feet and abruptly cut ties with the group.
According to reports, the alleged hacking group claims to have obtained a massive trove of data comprising roughly 10,000 Slack channel archives, including sensitive details on internal operations, along with messages, intel, source code, Social Security numbers, login credentials, and private images. There are understandable concerns that stolen information could potentially be misused to facilitate further cyber attacks.
Unknown digital collective NullBulge self-identifies as a hacktivist group driven by the mission to protect artistic integrity and ensure fair remuneration for creators.
In the final month of the year, a pseudonymous individual named NullBulge sparked controversy by uploading malicious Steady Diffusion extensions to GitHub under the guise of protesting the perceived theft of artistic ideas by AI systems from living creators.
The Walt Disney Company may have drawn the ire of NullBurge after being accused of neglecting to pay fair royalties to creators whose work it has acquired, including franchises like Alien and Buffy the Vampire Slayer.
Despite unknown motives, a declaration has emerged that sensitive communications and confidential data have been pilfered from Disney and publicly disseminated online. As Disney’s involvement is likely, they will carefully consider the potential implications of the breach on their future business plans and assess how it may affect their partnerships with other companies.
As the leisure industry has grown, so too has its vulnerability to cyberattacks. Hackers have exploited this sector’s lack of digital defenses, stealing sensitive information and even leaking compromising footage.
As of this writing, there is no official confirmation from Disney regarding the validity of NullBulge’s assertions. If proven to be accurate, the expectation is that Disney, notorious for its litigious nature, would aggressively pursue legal action against those responsible for infiltrating their digital perimeter.
