Major Data Breach Hits Disney: 1.1TB of Data Compromised

July 16, 2024 – Disney has fallen victim to a significant cyberattack orchestrated by the hacker group NullBulge, leading to the breach of 1.1TB of sensitive data. The compromised information includes unreleased projects, concept art, login details, and personal information. The attack was facilitated through unauthorized access to Disney's internal Slack communication channels.

In addition to the stolen data, Disney+ subscribers have reported unauthorized access to their accounts. Hackers are using stolen credentials from other sites to log in and sell these accounts on hacking forums for as low as $5 per year. Disney has acknowledged the breach and is actively investigating the incident. They are advising users to change their passwords and to be vigilant against phishing attempts.

NullBulge has claimed responsibility for the attack, showcasing a screenshot of the compromised files to substantiate their claims. While Disney has yet to officially comment on the breach, initial leaks of the stolen data have begun to surface online.

Security Measures and User Guidance

Disney is urging its users to adopt strong, unique passwords for their accounts and to be cautious of emails purporting to be from Disney+ that request personal information or direct users to login pages. Users experiencing issues with their accounts are encouraged to contact Disney's customer service for assistance.

Investigation and Next Steps

Disney is conducting a thorough investigation to understand the extent of the breach and to implement measures to prevent future incidents. This breach highlights the critical importance of robust cybersecurity practices and user vigilance in protecting personal information.

For further details and updates, you can read the full reports on Insider Gaming and What's On Disney Plus.