In a recent development, an activist hacking group known as Nullbulge has claimed responsibility for leaking thousands of Disney’s internal messaging channels. This massive breach exposed sensitive information about unreleased projects, raw images, computer codes, and even some login credentials. The group reportedly leaked approximately 1.2 terabytes of data from Disney’s Slack, a popular communications software used by the company.
According to Nullbulge, they gained access to Disney’s internal channels through a person with Slack access who had cookies. The group claimed to be based in Russia and stated in an email to CNN that the user was aware of their presence but failed to prevent them from accessing the system multiple times. However, CNN could not independently verify these claims.
In response to the breach, Disney announced that they are currently investigating the matter. The entertainment giant, known for its diverse holdings ranging from ESPN to Hulu and Disney+ to ABC News, expressed concern over the security of their internal communications.
Nullbulge justified their actions by claiming that they aimed to protect artists’ rights and ensure fair compensation for their work in an era dominated by artificial intelligence. The group criticized Disney for its handling of artist contracts, approach to AI, and alleged disregard for consumer interests. This breach comes at a time when the entertainment industry is grappling with the implications of AI on creative processes, with writers and actors expressing fears of being replaced by technology.
The hacking group had been teasing the release of the leaked data on social media for weeks before the actual breach took place. For instance, they posted what appeared to be visitor, booking, and revenue data from Disneyland Paris in June, hinting at the vast amount of information they had obtained.
Nullbulge explained that they decided to leak the data rather than make demands to Disney, as they believed the company would immediately tighten security measures if approached directly. The group emphasized the need to act preemptively in such situations to avoid being thwarted by the target.
This incident evokes memories of the 2014 Sony Pictures hack, which was linked to North Korea and caused a major international crisis. The breach exposed sensitive emails from company executives, celebrity aliases, social security numbers, and entire movie scripts, highlighting the potential risks associated with cyberattacks on major corporations.
As the investigation into the Disney breach unfolds, the entertainment industry faces renewed concerns about the vulnerability of its digital infrastructure and the need for enhanced cybersecurity measures to protect valuable intellectual property and sensitive information.