Ladies and gentlemen, hold onto your seats because we’ve got some breaking news that’s straight out of a cyber-thriller!
A hacking group called NullBulge has claimed responsibility for leaking a massive amount of internal data from the entertainment behemoth Disney. This includes Slack messages, attachments, and a host of other sensitive information from the company’s employees.
Here’s the scoop. NullBulge announced the hack on their website last week, making a staggering 1.1 terabytes (that’s over a thousand gigabytes) of data available for download. This treasure trove reportedly contains nearly 10,000 channels worth of messages and files.
Among the leaked data are unreleased projects, raw images, code, login details, and links to internal APIs and web pages. That’s right – there’s a lot for anyone to sift through if they’re so inclined.
NullBulge, which describes itself as a “hacktivist group protecting artists’ rights,” has been in the spotlight before. Just last month, they targeted users of specific AI software that they believed facilitated art theft. Their mission statement is quite clear: they aim to protect artists and ensure they receive fair compensation for their work. The group claims their hacks are meant to punish those who steal from artists, whether the theft is big or small.
Within the leaked data, some snippets analyzed by the Daily Dot reveal internal discussions about Disney employees’ protests against the company’s response to Florida’s controversial “Don’t Say Gay” legislation back in March 2022.
One notable message from a Slack channel called ng-immersives mentions a planned sick-out to protest Disney’s perceived lack of support for the LGBTQIA+ community. The user emphasized the importance of respecting everyone’s desire to participate and offered support to LGBTQIA+ employees and allies through dedicated Slack channels.
#DisneySlackLeak#Disney has had their entire dev slack dumped. 1.1TiB of files and chat messages. Anything we could get our hands on, we downloaded and packaged up. Want to see what goes on behind the doors? go grab it.https://t.co/saVx4lxgsy pic.twitter.com/FitM8hmOEE
— NullBulge (@NullBulgeGroup) July 12, 2024
Disney has yet to comment on the legitimacy of the leaked data. However, according to NullBulge, they gained access to Disney’s internal systems through an “inside man” at the company. Interestingly, this insider reportedly had a change of heart and tried to lock the hackers out, but not before NullBulge retaliated by posting the insider’s personal data, including logins, credit card information, and Social Security Number.
This incident raises significant concerns about cybersecurity and data protection, especially for major corporations like Disney. It also highlights the ongoing tensions between digital rights activists and large companies. As the digital landscape evolves, the methods and motives of hacktivist groups like NullBulge will likely continue to be a topic of intense debate and scrutiny.
