Disney data leak reveals personal info of cruise line workers

In a major data breach earlier this summer, sensitive information belonging to Disney cruise line workers was leaked, including passport numbers, visa details, and personal addresses. The breach was executed by a hacktivist group known as Nullbulge, which advocates for artists' rights and claims to target companies that engage in practices they oppose. They uploaded 1.1 terabytes of data from Disney's internal Slack channels, a platform widely used for business communication, especially during the shift to remote work due to the COVID-19 pandemic. The leaked data not only included personal information of employees but also financial details regarding Disney's revenue from its streaming service, Disney+, and its premium park pass, Genie+. Reports indicated that Disney+ generated over $2.4 billion in the first quarter of the year, while Genie+ was projected to bring in $724 million in pretax revenue at Walt Disney World alone. Following the breach, Disney announced it was investigating the incident but stated that it had not materially impacted its operations or financial performance. The company has refrained from commenting on the specifics of the leak, citing the illegal nature of the data acquisition. Experts have noted that data breaches are increasingly common, particularly involving cloud and software-as-a-service platforms. The incident serves as a reminder of the vulnerabilities that exist within corporate data management systems and the potential consequences of such breaches.