The Disney Documents Hack May Have Been Bigger Than Anyone Imagined. Here's What Hackers Stole. According to files viewed by The Wall Street Journal, the breach was much more than employee chatter in Slack messages.
By Erin Davis
Key Takeaways
- Walt Disney Company suffered a significant data breach earlier this summer.
- Exposed data reportedly included staff passport numbers, visa details, customer information from Disney Cruise Line, and Disney's internal project details and financial strategies.
- The hacking group NullBulge is reportedly behind the leak.
The hack that exposed more than 44 million Slack messages from Disney employees in July may have been much worse, the WSJ reported on Thursday.
According to files viewed by WSJ, the breach included financial projections, strategic plans and sales data from Disney corporate (plus streaming projections and theme park pass sales), and personal details of Disney Cruise Line members, including passports, visas, contact information, and birthplaces.
Related: Disney's Internal Slack Message Data Leaked in Latest Hack Targeting a Major Company
In an August regulatory filing, Disney told investors that "over a terabyte of data" was part of an "unauthorized" release and that the company was investigating.
The month before, the hacking group Nullbulge claimed responsibility for the leak in a blog post, claiming they had internal data on upcoming projects and employees' personal information taken from the company's Slack messaging system.
Disney denied comment to the WSJ.
"We decline to comment on unverified information The Wall Street Journal has purportedly obtained as a result of a bad actor's illegal activity," a Disney spokesman said.
