A group named “NullBulge” dropped a 1.1 TB data bomb last week, claiming it’s Disney‘s internal Slack archive. This stash reportedly includes every message and file from nearly 10,000 channels—unreleased projects, code, images, login credentials, and links to internal sites and APIs. They say an insider handed it over, even naming the alleged collaborator, as per a report by WIRED. Disney’s staying quiet, only telling the Wall Street Journal they’re “investigating.”
The data hit BreachForums on Thursday, got taken down, but is still on mirror sites. Roei Sherman from Mitiga Security isn’t shocked. Big companies get breached all the time, especially through cloud and SaaS platforms. Sherman reviewed the leak and says it looks legit—URLs, employee chats, credentials, the works.
NullBulge, claiming to protect artists’ rights, hacks those they believe commit one of three sins: promoting crypto, pushing AI-generated art, or stealing from artists. Their site flaunts past hits, including the Indian content creator Chief Shifter and now, Disney. They even doxxed the supposed insider, leaking medical records and password manager contents, though the insider’s involvement isn’t confirmed.
Corporate Slack accounts are goldmines for attackers, and Disney’s likely facing more hits now.as expressed by Sherman who warns this is just the start.