Cybercrime , Fraud Management & Cybercrime , Governance & Risk Management

Hacktivists Dump Disney Slack Data Online Over AI Projects

Disney’s Data Targeted for Using Artists’ Work in AI Systems, Hacking Group Says
Hacktivists Dump Disney Slack Data Online Over AI Projects
Topiary of Disney's Goofy character at Disney World theme park in Orlando (Image: Shutterstock)

A hacking group known as NullBulge claimed to have released a vast trove of data for download from internal Disney Slack channels, including unreleased projects, login details and raw images and code.

See Also: The Healthcare CISO’s Guide to Medical IoT Security

The apparent hacktivist group - which purports to defend artists from corporations that use their work to train artificial intelligence systems - said Friday it dumped 1.1 tebibytes of files and chat messages belonging to the entertainment and technology giant online. The hack affected Disney's workplace collaboration platform, Slack, which reportedly contained nearly 10,000 channels, in addition to countless messages and attachments.

"Anything we could get our hands on, we downloaded and packaged up," the group said on the social media platform X.

The data comes from as far back as 2019 and includes discussions about the corporation's software development projects, job candidates and company programs, according to The Wall Street Journal, which first reported on the hacking. Disney did not immediately respond to a request for comment from Information Security Media Group, but it told the Journal the company has launched an investigation into the incident.

A spokesperson for the hacking group also told the newspaper it targeted Disney "due to how it handles artist contracts," as well as for its approach to AI and its "pretty blatant disregard for the consumer.”

"If we said 'Hello, Disney, we have all your Slack data,' they would instantly lock down and try to take us out," the group said. "In a duel, you better fire first."

NullBulge said it gained access to the company's Slack channels by exploiting a vulnerable computer belonging to a Disney software development manager. The group already reportedly used the same vulnerable device to gain access to Disney systems.

It remains unclear whether the group has additional access or information belonging to Disney or its Slack platform. Slack did not immediately respond to a request for comment.

Disney - a multipronged conglomerate entertainment powerhouse - includes a vast array of ventures, including blockbuster films, leading streaming platforms including Hulu and Disney+, and world-renowned theme parks.


About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.