TECH NEWS – This isn’t an April Fool’s joke, it’s totally serious, and it’s worth checking out what happened.
Last week we wrote about how a group called Nullbulge hacked into Disney’s servers and leaked 1.1TB of data. The group describes itself as a hacktivist group that defends the rights of artists and ensures that they are properly compensated for their work. They also posted a rather NSFW image of a lion. Support for crypto, AI images, theft of any kind – these are the reasons why Disney is being taken to task, just as the mouse empire is taking a stand against the fair use of AI: Disney CEO Bob Iger has condemned the strike by the American actors’ union SAG-AFTRA…
Nullbulge says they don’t hack with malicious intent, but to punish thieves, whether they steal big or small. They posted the data with the following statement: “Hey guys, it’s us again. Yesturday [sic] we leaked some small DB, now we leak the big guns. 1.1 TiB of data, nearly 10,000 channels, every message and file imaginable dumped. Unreleased projects, raw images and code, some logins, links to internal API / web pages, and more! Have fun sifting through it, there is a lot. Perfect for intelligence gathering and more. I bet they never imagined that taking down the Club Penguin servers would cause so much “shit”.
It all started when a Trojan horse was planted in a mod of the game BeamNG. This was downloaded by a Disney software development manager who had access to the company’s Slack channels (it’s common in corporate environments to communicate through them). Once inside, the same person was attacked again, but in an unknown way, and started downloading everything, but the attacked party noticed this and disabled access, but too late, as Nullbulge had already gotten everything. The person in question will probably lose his job quickly and will not get a second chance in the industry.
Disney’s lawyers quickly took down Nullbulge’s social channels, and the leaked data now includes internal communications from 2019. Nullbulge told the Wall Street Journal that they released the data because Disney did not respond to their demands. According to security researcher Eric Parker, the group is just one person doing it for attention, not money.
Either way, the reason is ridiculous: Club Penguin!?
Source: PCGamer, Wall Street Journal
Leave a Reply