Disney Slack Messages About 1.1 TB Leaked, According to Hackers
In what appears to be a protest against AI-generated art, a hacker collective known as "NullBulge" claims to have taken over a terabyte of Disney's internal Slack messages and files from almost 10,000 channels.
Late last week, a group going by the name "NullBulge" released a 1.1-TB data dump that they claim is an internal Slack archive from Disney. Every message and file from about 10,000 channels is purportedly included in the data, along with unreleased projects, code, photos, login credentials, and access to corporate websites and APIs.
The hackers identified their purported partner and asserted that they obtained access to the data through an insider at Disney.
WIRED reached out to a person with that name who lists Disney as their current work, but they did not respond. It's unclear if the hackers had true inside assistance, but it's possible that they compromised one employee's account using software designed to steal information. Disney declined to verify the security breach or respond to repeated inquiries on the veracity of the pilfered information.
The Wall Street Journal was informed by a Disney representative that the firm “is investigating this matter.”
The information was uploaded to BreachForums and then removed, but it is still available on mirror websites. It looks to have been released for the first time on Thursday.
Field CTO at Mitiga Security Roei Sherman says he is not shocked that a major company like Disney could have such a large-scale intrusion. Businesses are constantly being compromised, he claims, particularly when it comes to data theft from software-as-a-service and cloud computing platforms. "It just holds bigger rewards and is easier for attackers."
"All of it looks legit a lot of URLs, conversations of employees, some credentials, and other content," said Sherman, who examined the data in the leak.
A "hacktivist group protecting artists' rights and ensuring fair compensation for their work," according to the NullBulge website. According to the gang, it only hacks people who commit one of three "sins.
First of all, "We do not support the promotion of cryptocurrency or cryptocurrency-related goods or services in any way." Second: "We think AI-generated art should be discouraged because it harms the creative industry." Third: "Any theft from artists in general or from Patreons or other platforms that support artists."
A summary of the group's ethos may be found on its "wall of knowledge," which details its data dumps. It asks, "What better way to punish someone than getting them in trouble eh?" The organisation had before threatened to "first shame" Chief Shifter, an Indian content maker. Next, NullBulge hinted at the Disney breach in May by posting a "second punch." "This one, I never imagined I'd acquire this quickly. Disney. Yes, that Disney," NullBuldge wrote, implying that there might just be one member in the group.
"We have some good shit, but the attack has only just begun." These two files are from inside to demonstrate our seriousness.
Apart from the purported Slack data, NullBulge also shared what seems to be comprehensive details about the person they claimed gave them insider access to the data. Along with additional personally identifiable information, medical records and the purported contents of the Disney employee's 1Password password manager are included in the leak. It's unclear if the worker ever collaborated with the group, despite NullBulge's accusations that they doxxed the person in revenge for severing access and communication.
Corporate Slack accounts may be a gold mine for hackers if they are exploited, as security researchers have long cautioned. Owned by Salesforce, the well-known team communication tool is utilised by many well-known companies, such as IBM, Capital One, Uber, and Disney competitor Paramount.
"Opportunistic threat actors will probably target Disney a lot more now," Sherman cautions.
0 Comments