Description: Hacktivist group NullBulge claims to have released 1.1 terabytes of Disney’s internal Slack archives, reportedly including messages, unreleased projects, code, images, credentials, and internal links. The breach, allegedly facilitated by an inside collaborator, remained unconfirmed by Disney. The leaked data contains sensitive content and personal information, with indications that the legitimacy has been verified by security experts. This incident not only exposes Disney to the risks of intellectual property theft and privacy violations but also raises questions about the security of cloud platforms and SaaS.

Description: An ex-employee of Walt Disney World, possessing access to the company's passwords post-termination, compromised a third-party menu-creation system used by Disney's restaurants. The attack involved altering menu fonts and listings, resulting in unusable menus and potential allergen misinformation, leading to locked employee accounts and misuse of personal employee information.

Description: A former Disney employee allegedly hacked the software used by Walt Disney World’s restaurants. He accessed a third-party menu-creation system and altered menus, including changing vital allergy information and locking out other employees. The incident led to unusable menu databases due to changes in the font. The hack may have had reputational and financial impacts on Disney, given the nature of the sabotage and the potential risks to customers with allergies.

Description: Matthew Van Andel's wrongful termination complaint against Disney stems from a malware incident that compromised the company’s cybersecurity. After installing a seemingly legitimate AI tool, Van Andel and Disney suffered a hack resulting in the exposure of sensitive financial and employee data. Attackers leaked Van Andel's personal information, such as credit card and social security numbers, causing significant distress and requiring extensive efforts to secure affected accounts. The cyber attack's reach into personal and company data, combined with the potential damage to Disney's finances and reputation, depicts a dire situation.

Description: In this incident, a 25-year-old California man, Ryan Kramer (alias NullBulge), tricked Disney employees into downloading malware disguised as an AI image-generation tool. Once installed, the malware harvested credentials and provided Kramer with unauthorized access to Disney’s private Slack channels and internal communications. One employee, Matthew Van Andel, inadvertently granted elevated privileges, enabling Kramer to exfiltrate more than 1.1 terabytes of confidential data. Stolen materials included personal information of employees, unreleased film and TV project files, and other proprietary corporate documents. When Van Andel failed to comply with threats of publication, Kramer posted the sensitive data on the BreachForums hacking site. Authorities say at least two other individuals were similarly compromised, and an ongoing investigation aims to determine the full extent of the breach. The exposure of internal communications and unreleased intellectual property poses serious reputational, legal, and financial risks for Disney, while also potentially undermining competitive positioning and violating privacy regulations.

Description: The infamous Anubis ransomware gang has listed Disneyland Paris as its latest victim. The group posted details of the alleged breach on its dark web leak site, stating that the stolen data archive totals 64GB. The data was acquired during a breach involving one of Disneyland’s partner companies. The archive includes plans for various park attractions such as Frozen, Crush’s Coaster, Pirates of the Caribbean, Big Thunder Mountain, Autopia, Buzz Lightyear, Orbitron, Casey Jr., Phantom Manor, Ratatouille, and more. The group noted that Disneyland typically signs NDAs with employees, strictly prohibiting them from sharing internal material publicly. The post does not specify whether any customer or visitor information is included in the files. It also does not clarify if a ransom demand has been issued to Disneyland Paris.