A hacktivist organisation reveals unreleased projects and Disney corporate data

The Wall Street Journal analysed files that show the "hacktivist" organisation Nullbulge took data from Disney's internal Slack collaboration system.

In a blog post, the leaker gang claimed to have made data from thousands of Slack chats inside the entertainment industry available. Computer code and information regarding unannounced projects were included in the material. Large companies frequently utilise Slack for group conversations regarding strategic objectives.

It was not immediately possible to verify the accuracy of the group's statements about the number of papers stolen and how they were obtained.

According to the WSJ, the material that was stolen includes discussions regarding software development, hiring applicants evaluations, efforts for ESPN's rising executives, and even pictures of staff members' pets. The chats extend at least back to 2019.

Disney is investigating the issue, a spokeswoman for the corporation stated.

Recently, the hacker gang claimed to have taken photos of papers from Disney's Slack channels and released them online. Excerpts from project descriptions and plans, together with visitation, booking, and income statistics from Disneyland Paris, were included in these purported documents.

Nullbulge describes itself as a hacktivist collective that supports the rights of artists and chooses its targets according to certain political, social, or economic principles. A group spokesman claimed that Disney was singled out because of the way it handled artist contracts, how it approached artificial intelligence, and how much it was thought to care about its customers.

Eric Parker, a security expert, states that Nullbulge first asserted to have gained access to Disney's computer networks in May. Parker believes that the organisation is really just one person looking for attention.

The gang allegedly gained access to the data by twice breaking into the computer of a Disney software development manager. Prior to this, the organisation obtained internet login credentials and personal information, including the private information of the Disney employee in issue, which they later made public.

The release of a company's internal communications, source code, and documents to the public can seriously disrupt it and perhaps jeopardise its business goals.

(Sources: investing.com, wsj.com, reuters.com)