In July 2024, a hacker leaked 1 TB of Disney’s internal data on darknet and left the below message:
1.1 TB of data dumped… They neve imagined taking down club penguin servers would cause this!
How was such a large dump stolen ? What did club penguin servers had to do with this?
Attack Flow:
- A Disney employee downloads a game add-on on his personal machine > the add-on has hidden malware.
- On the same machine, the employee signs into Disney’s internal communication tool “Slack’ > Malware captures credentials / session details.
- Attacker uses stolen credentials to access Disney’s Slack > Gains entry to 10,000 Slack channels that the user is part of!
- Attacker systematically downloads 1 TB of messages and files from the compromised channels.
- Stolen data is leaked on the darknet, exposing Disney’s internal communications and sensitive information.
So this is happened in Disney hotstar and leaked 1.1 TB Data.
