Hackread reports that Disney was claimed to have been breached by self-proclaimed hacktivist operation NullBulge, which has exposed 1.2 TB of data belonging to the U.S. multinational media and entertainment conglomerate on BreachForums as part of its efforts to ensure artist rights protection.
Allegedly included in the data dump were messages, files, and data sent by Disney's development team via Slack, which purportedly contained details regarding unreleased projects, internal API/web page links, logins, code, and raw images, among others, according to NullBulge, which has been linked to the LockBit ransomware operation due to its apparent usage of the ransomware gang's leaked builder. No confirmation about the breach has been provided by Disney but VX-Underground noted that infostealer malware may have been leveraged by threat actors to achieve the data compromise. Such an incident comes as AT&T and Ticketmaster reported being impacted by separate breaches which have already cumulatively affected over 100 million individuals across the U.S.