In a shocking breach of security, hacker group "NullBulge" claims to have obtained and published over one terabyte of Disney's internal Slack messages and files. The group states that the leak was a form of protest against AI-generated art. The stolen data includes unreleased projects, code, images, login credentials, and links to internal websites and APIs, allegedly obtained from nearly 10,000 channels.

According to NullBulge, the data breach was facilitated by a Disney insider, whose name has been disclosed. However, the individual in question, who is currently employed by Disney, has not responded to inquiries regarding the allegations. Disney has neither confirmed nor denied the breach, stating that they are currently investigating the matter.

The leaked data was initially shared on the forum platform BreachForums but was subsequently removed. However, mirror sites still contain the published information. Roei Sherman, field CTO at Mitiga Security, expressed his lack of surprise at the breach, highlighting that companies of Disney's magnitude face constant risks of data theft, particularly from cloud and software-as-a-service platforms.

Sherman, who reviewed the leaked data, confirmed its authenticity, stating that it included conversations between employees, URLs, credentials, and other content. The NullBulge website describes the group as hacktivists working to protect artists' rights and promote fair compensation for their work. The group claims to only target entities that violate their three stated "sins," which include promoting cryptocurrencies, discouraging AI-generated artwork, and theft from supportive artist platforms.

This is not the first time NullBulge has targeted individuals or organizations. The group previously targeted an Indian content creator and, in May, teased the Disney breach. Alongside the alleged Slack data, NullBulge also posted personal information and medical records of the person believed to have provided the insider access and data. This action was allegedly in retaliation for cutting off communication and access.

Security experts have long raised concerns about the vulnerability of corporate Slack accounts if compromised. The platform, owned by Salesforce, is widely used by numerous prominent organizations, including IBM, Capital One, Uber, and Disney's competitor Paramount. Sherman warns that Disney may become an even more appealing target for opportunistic threat actors following this breach.