{"id":24893,"date":"2024-07-15T07:10:09","date_gmt":"2024-07-15T15:10:09","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/07\/15\/news-18623\/"},"modified":"2024-07-15T07:10:09","modified_gmt":"2024-07-15T15:10:09","slug":"news-18623","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/07\/15\/news-18623\/","title":{"rendered":"Disney &#8220;breached&#8221;, data dumped online"},"content":{"rendered":"\n<p>A group of cybercriminals going by the handle NullBulge claims to have downloaded the Slack channels used by Disney\u2019s developers.<\/p>\n<figure class=\"wp-block-image aligncenter size-full\"><a href=\"https:\/\/x.com\/NullBulgeGroup\/status\/1811656487514546466\"><img decoding=\"async\" loading=\"lazy\" width=\"608\" height=\"470\" src=\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2024\/07\/NullBulge_Tweet.png\" alt=\"Tweet by NullBulge\" class=\"wp-image-113718\" \/><\/a><\/figure>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201c#DisneySlackLeak<\/p>\n<p>#Disney has had their entire dev slack dumped. 1.1TiB of files and chat messages. Anything we could get our hands on, we downloaded and packaged up. Want to see what goes on behind the doors? go grab it.\u201d<\/p>\n<\/blockquote>\n<p>The group says it got a hold of a huge amount of data, including unreleased projects and login info:<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201c1.2 TB of data, almost10,000 channels, every message and file possible, dumped. Unreleased projects, raw images and code, some logins, links to internal api\/web pages, and more! Have fun sifting through it, there is a lot there. We tried to hold off until we got deeper in, but our inside man got cold feet and kicked us out! I thought we had something special {name}! Consider the dropping of literally every bit of personal info you have, from logins to credit cards to SSN, as a warning for people in the future.\u201d<\/p>\n<\/blockquote>\n<p>This seems to indicate that the group was helped by an <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2018\/08\/the-enemy-is-us-a-look-at-insider-threats\">insider<\/a>, and that it might have obtained even more had that person not backed out of assisting. It&#8217;s unlikely that NullBulge had access to customer data through these Slack channels, but it does look as if the group accessed a lot of material that Disney was working on.<\/p>\n<p>Calling itself a hacktivist group that aims for better compensation and protection of artists\u2019 rights, the group then announced the breach on infamous data leak site BreachForums and provided screenshots of its findings.<\/p>\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"1254\" height=\"670\" src=\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2024\/07\/BreachForums_de0fac.png?w=1024\" alt=\"Post on BreachForums with screenshots\" class=\"wp-image-113719\" \/><figcaption class=\"wp-element-caption\">Post by NullBulge on BreachForums<\/figcaption><\/figure>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cHi there folks, it is us again.<\/p>\n<p>Yesterday we leaked some small DB, now we leak the big guns.<\/p>\n<p>1.1TiB of data. almost 10,000 channels, every message and file possible, dumped. Unreleased projects, raw images and code, some logins, links to internal api\/web pages, and more! Have fun sifting through it, there is a lot there.<\/p>\n<p>Perfect for gathering intelligence and more.\u201d<\/p>\n<\/blockquote>\n<p>The earlier post NullBulge is referring to is a WordPress database dump of the howwelove[.]com domain. We have no idea what the group&#8217;s beef with this relationships-focused website is.<\/p>\n<p>Disney is yet to make a comment. We&#8217;ll keep this post updated with the latest developments<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<p><strong>We don&#8217;t just report on threats &#8211; we help safeguard your entire digital identit<\/strong>y<\/p>\n<p>Cybersecurity risks should never spread beyond a headline. Protect your\u2014and your family&#8217;s\u2014personal information by using <a href=\"https:\/\/www.malwarebytes.com\/identity-theft-protection\">identity protection<\/a>.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\" \/>\n<h2 class=\"wp-block-heading\" id=\"h-summer-mega-sale\">Summer mega sale<\/h2>\n<p>Go into your vacation knowing you&#8217;re much more secure: This summer you can get a huge <a href=\"https:\/\/try.malwarebytes.com\/summer-mega-sale\/blog\"><strong>50%\u00a0off\u00a0a Malwarebytes Standard subscription<\/strong> or <strong>Malwarebytes Identity bundle<\/strong><\/a>. Run, don&#8217;t walk!<\/p>\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-1 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link has-white-color has-blue-background-color has-text-color has-background has-link-color wp-element-button\" href=\"https:\/\/try.malwarebytes.com\/summer-mega-sale\/blog\/\"><strong>SAVE 5<\/strong>0<strong>% TODAY<\/strong><\/a><\/div>\n<\/p><\/div>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/07\/disney-breached-data-dumped-online\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> Hacktivists claim they have stolen 1.2 TB of data from Disney&#8217;s developer Slack channels. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[32],"class_list":["post-24893","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-news"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24893","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=24893"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/24893\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=24893"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=24893"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=24893"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}