Disney Investigating Hack by Anti-AI Group Who Says It Took ‘Anything We Could Get Our Hands On’

Hacktivist group NullBulge says it downloaded five years’ worth of corporate and employee information from Slack

Magic Kingdom Park at Walt Disney World in Orlando, Florida
Disney

Disney is investigating an internal breach after a group of hacktivists called NullBulge took credit over the weekend for stealing 1.1 terabytes of personal and corporate data from the studio’s internal Slack channels — or, as the group said in a since-deleted tweet, “anything we could get our hands on.”

The hack was reported on an underground forum, with the note that they hadn’t gotten as much information as they planned since “our insider man got cold feet and kicked us out.”

Disney said in a statement to media on Monday that they are “investigating this matter” following an initial Wall Street Journal report on the breach.

The leaked files, which date back to 2019, included discussions about ad campaigns, studio technology and interview candidates, according to WSJ. Other information obtained in the hack runs the gamut from theme park plans to photos of employees’ dogs.

NullBulge Disney hack tweet
Credit: Hackread.com

A Friday Tweet from @NullBulgeGroup (screencapped above by Hackread.com), read, “Disney has had their entire dev slack dumped. 1.1 TiB of files and chat messages. Anything we could get our hands on, we downloaded and packaged up. Want to see what goes on behind the doors? Go grab it.”

A spokesperson for the group said via an online message that it chose Disney “due to how it handles artist contracts, its approach to AI, and it’s [sic] pretty blatant disregard for the consumer,” according to WSJ.   

In August 2023, Reuters reported Disney was developing AI applications in-house as well as forming partnerships with AI startups.

The group said they leaked the data because they believed that Disney would not respond to any kind of ransom demand. “If we said ‘Hello Disney, we have all your slack data,’ they would instantly lock down and try to take us out. In a duel, you better fire first,” the spokesperson said.

Eric Parker, a security researcher who has been following NullBulge online, told WSJ that the hacker is likely just one person: “He’s not doing it for money. I think this is an attention-seeking exercise.”

The group has said that it accessed the data by twice compromising the computer of a Disney software development manager.

A similar hack hit Sony Studios in 2014, during which confidential emails were leaked. The Department of Justice indicted three North Koreans in 2021

According to the DOJ, the three defendants worked for the Reconnaissance General Bureau, a wing of the North Korean military intelligence. They were accused of conspiring to extort and steal more than $1.3 billion in cash and cryptocurrency from Disney and other companies.

Comments