Disney’s summer took a serious turn when it suffered a massive data breach, revealing over 44 million internal messages and potentially much more sensitive information. Now, it appears the breach is even larger than initially suspected. According to *The Wall Street Journal*, Disney is investigating the theft of over a terabyte of data, including 18,000 spreadsheets filled with internal financial details, company strategies, and personal information of employees, including some customers from Disney Cruise Line.
The hackers, a group called Nullbulge, reportedly accessed the data through a compromised Slack account belonging to a Disney manager of software development. This breach allowed them to access both personal and sensitive corporate information stored within Slack.
Nullbulge, which has publicly shared some of the stolen data, claims the hack was motivated by Disney’s alleged poor treatment of its artists. While they are believed to be based in Russia, suspicions point to a U.S.-based individual behind the attack.
Disney has been reluctant to comment directly on the breach, labeling it an illegal activity and refusing to confirm the accuracy of the stolen data. However, the hack has already caused reputational damage, with sensitive financial details, including Disney’s Disney+ streaming revenue and their ongoing negotiations with Comcast over Hulu, now exposed online.
The breach comes at a time when Disney is already facing scrutiny over other legal and PR issues, adding to what has been a challenging period for the company. The hackers’ decision to release the data without a ransom demand, according to Nullbulge, was strategic, ensuring they got the upper hand before Disney could respond.
This cyberattack highlights the growing vulnerabilities in corporate communication systems and emphasizes the need for increased cybersecurity measures, especially for high-profile companies like Disney.
