Forgot password
Enter the email address you used when you joined and we'll send you instructions to reset your password.
If you used Apple or Google to create your account, this process will create a password for your existing account.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Reset password instructions sent. If you have an account with us, you will receive an email within a few minutes.
Something went wrong. Try again or contact support if the problem persists.
Disney Plus logo
Screengrab via YouTube/MTX

‘Hello Disney, we have all your Slack data’: A rogue hacking group may have stolen more private information than the House of Mouse initially realized

Subscriber data may have been breached, while Disney's dismal summer continues.

Earlier this summer, Disney suffered a significant data breach, and it was revealed that over 44 million internal messages were released online. Now, it appears that the breach is even larger than previously suspected.

Recommended Videos

Disney recently told investors that they are looking into the details of “over a terabyte of data” being hacked.

The Wall Street Journal, who initially broke the news of the security breach, reports that that it includes over 18,000 spreadsheets, which contain internal information regarding Disney’s finances, its overall operations, including strategy, and even the personal information of some Disney staffers.

Some customer data was also stolen, particularly those who are Disney Cruise Line members.

The hacker targeted information that mostly originates from Slack, which is one of the multiple services Disney uses for employee communication. All of those messages shared can be traced back to one employee who is a company manager of software development, thus suggesting that the hackers were able to compromise that employee’s Slack account, and access data naturally via his login information.

WSJ stated that a hacking group called Nullbulge appears to be the culprit, and are the ones who have released the stolen information online.

Nullbulge has a public account on X, and has shared at least two posts containing information allegedly arising from the breach. Both of those posts, uploaded earlier this summer, are still up at time of writing.

It’s worth noting that it’s not just messages that can be taken from a Slack account. From a company employee’s account, one can look at all communication involving that user, including generic messages not necessarily directed to that user, but also access important and potentially sensitive data that management places on Slack as a reference for employees.

Disney responded to the allegations by stating, “We decline to comment on unverified information that The Wall Street Journal has purportedly obtained as a result of a bad actor’s illegal activity.”

It’s been a bad publicity summer for Disney. In August, they rightfully received backlash for their reasons to try and get a wrongful death lawsuit thrown out.

Allegedly, someone claiming to be a spokesperson for Nullbulge told The Journal why they released the data without any demands initially, explaining, “If we said, ‘Hello Disney, we have all your Slack data,’ they would instantly lock down and try to take us out. In a duel, you better fire first.”

The hacked information also includes just how profitable the Disney Plus streaming platform is, something that Disney refuses to disclose publicly. Assuming the information shared is accurate, then Disney’s streaming revenue for the first quarter of 2024 — which also includes their 33% stake in Hulu — exceeded $2.4 billion.

The information is rather timely, considering that Disney is attempting to take control of Hulu by buying Comcast’s share in the streaming company, but the sale is not going smoothly; the companies recently sought arbitration to help determine the value of Comcast’s 33% share, something that can be judged against Disney’s stake, now available online courtesy of Nullbulge.

The hacking group claim they are based in Russia, and were motivated to target Disney partly due to what they believe is Disney’s lack of support for its artists. However, it’s strongly suspected that the hack is the work of one person from the United States without any real reason to target Disney directly.


We Got This Covered is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission. Learn more about our Affiliate Policy
Author
Image of Curtis Roberts
Curtis Roberts
I write, therefore I am. It’s my passion and my love and has gifted me many things, though I hope it gifts my readers more.