1 TB of Disney Data Leaked in NullBulge Cyber Attack

Disney is the latest major corporation to be targeted by a cyber attack that has allegedly led to a massive 1.1TB data leak. 

Hacker group called NullBulge claims to have accessed over 1.1TB of data from the Walt Disney Company internal Slack channel. Slack is a cloud-based company communication platform where teams can message colleagues and share files.

NullBulge claims to have gained access to unreleased projects, concept arts, login details, and personal details shared by Disney. They also claim that they were initially on track to access more information but they were working with an ‘inside man’, named as a developer for the Walt Disney Company, who got ‘cold feet.’ Seemingly as revenge for these ‘cold feet’, the group also released the mans identity alongside ‘ literally every bit of personal info [he has], from logins to credit cards to SSN’ claiming that this was ‘a warning for people in the future.’

The hacker group used X to tease the leak before eventually announcing it with a post stating:  ‘Disney has had their entire dev slack dumped. 1.1TiB of files and chat messages. Anything we could get our hands on, we downloaded and packaged up. Want to see what goes on behind the doors? go grab it.’

The Walt Disney Company has not yet acknowledged this alleged data leak or provided a statement to confirm the extent of the issue. 

Who are NullBulge?

Hacker group called NullBulge claims to have accessed over 1.1TB of data from the Walt Disney Company internal Slack channel. Slack is a cloud-based company communication platform where teams can message colleagues and share files. 

The group claim to be a ‘hacktivist’ group with a mission statement on ‘protecting artists' rights and ensuring fair compensation for their work.’

Read: Top 10 Most Notorious Hacker Groups in History

Their website outlines three key priorities with the group targeting crypto currency, AI artwork and ‘theft’ from artists. In line with this NullBulge claim to offer services in:

• Monitoring and reporting of art theft
• Advocating for fair compensation 
• Payback through honeypots and malicious mods
• Destroying machines of thieves and securing restitution.

The group claims to be behind a previous cyber attack on KlapAI (formerly Bitmetris), an AI AI-based Asset Platform that combines AI with gaming.

Why has Disney's Data Been Leaked?

NullBulge has not explicitly confirmed their reasons for targeting Disney. However, examining their stated mission of "protecting artists' rights and ensuring fair compensation for their work," some potential motivations emerge.

Disney's recent controversies surrounding royalty payments align with NullBulge's stated goals. The company has faced significant criticism and legal challenges regarding its treatment of writers and artists. Writers, including Neil Gaiman, have criticized Disney's decision to cease royalty payments for novelizations and graphic novels based on Disney-owned properties, affecting creators working on massive franchises such as "Star Wars" and "Alien."

Read: Hackers Are Exploiting the UEFA Euros for Phishing Attacks

The issue gained more widespread attention after author Alan Dean Foster publicly revealed he had not received royalties for his Star Wars and Alien novels after Disney acquired them. While some high-profile settlements have been reached, many writers and artists continue to struggle for fair compensation. Organizations like the Science Fiction & Fantasy Writers of America (SFWA) have actively campaigned to pressure Disney to fulfill its financial obligations.

Given Nulbulge's focus on artists' rights and fair compensation, Disney's history of royalty disputes provides a potential motive for the attack. It's possible that the group views their actions as a form of retribution or a catalyst for broader industry change.