Disney Slack hack explained: Has my data been stolen?
DisneyDisney’s internal communication channels have allegedly been infiltrated by a “hacktivist” group, who are now claiming to have hacked 10,000 channels on the company’s Slack.
Just 10 years ago, Sony Pictures fell victim to one of the biggest hacking scandals in the entertainment industry. Controversial emails were shared, CEOs stepped down from their roles, and it was proven that even the biggest companies weren’t exempt from a cyber attack.
Now, Disney is supposedly the latest victim of a major hack, with one group claiming to have stolen a huge amount of data. But what does this mean for Disney’s new movies, personal data, and streaming service?
Here’s everything you need to know about the Disney hack, including whether it affects you.
Disney Hack explained
On the weekend of July 13, a “hacktivist” group called NullBulge claimed to have stolen 1.1 terabytes of data from Disney’s internal Slack channels.
The data included personal and corporate information. In a now-deleted tweet, NullBulge claimed they took “anything we could get our hands on.”
NullBulge took credit for the hack in a blog post on their website. The stolen data apparently included discussions about advertising campaigns, studio technology, and interview candidates.
The files in question go back to 2019. Despite this, the group claimed that they didn’t get as much information as initially planned, as “our insider man got cold feet and kicked us out.”
Being a workplace Slack channel, the data also included a range of topics from theme park plans to pictures sent and received by employees.
“1.1 TiB of data, almost 10,000 channels, every message and file possible, dumped. Unreleased projects, raw images and code, some logins, links to internal API/web pages, and more! Have fun sifting through it, there is a lot there,” the group wrote on their blog post.
“We tried to hold off until we got deeper in, but our inside man got cold feet and kicked us out!” The post then named the alleged hacker. They added, “Consider the dropping of literally every bit of personal info you have, from logins to credit cards to SSN, as a warning for people in the future.”
Why Disney?
NullBulge claims to have targeted Disney due to their treatment of artists and use of AI.
A spokesperson for NullBulge claimed [via the Wall Street Journal] that it was “due to how it handles artists contracts, its approach to AI, and its pretty blatant disregard for the consumer.”
As for why the group went straight for releasing the data stolen, the spokesperson said: “If we said ‘Hello Disney, we have all your slack data,’ they would instantly lock down and try to take us out. In a duel, you better fire first.”
What has Disney said?
Disney’s response to the alleged hack has been limited, saying only that they are “investigating the matter.”
Their response [via Deadline] does not validate the hack itself, nor the scope or details of data stolen.
If true, the hacking case can be likened to the infamous 2014 Sony Pictures hack, wherein the company’s internal systems, phones, and email service were infiltrated.
As a result, thousands of emails were released. The whole event resulted in the co-chair of the studio, Amy Pascal, stepping down a few months later.
Has my data been stolen?
In short, it’s unlikely. As it stands, it seems as though only the company’s internal Slack channels have been hacked.
The alleged hack focused only on the company’s Slack, not Disney+ or other public consumer-facing platforms. So your data should be safe, for now.
For more scandals, find out everything there is to know about the Cartoon Network hashtag. You can also find out why people are boycotting Max, and see why Netflix should open movie theaters, not malls.