In a significant data breach, hacktivist group NullBulge has infiltrated Disney’s internal Slack infrastructure, leaking 1.2TB of sensitive data. This breach, posted on the cybercrime platform Breach Forums on July 12, 2024, exposes many of Disney’s internal communications, compromising messages, files, code, and other proprietary information.

    • 5redie8@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      67
      arrow-down
      3
      ·
      5 months ago

      Internal slack infrastructure

      Taking this part of the description at face value anyway, this sounds like the opposite of the cloud.

      That being said, I still agree with the statement

      • bamboo@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        62
        arrow-down
        2
        ·
        5 months ago

        I don’t think Slack has a self hosted version, and does not offer IP allow listing. There’s nothing preventing someone to go to https://disney.slack.com/. I think when they say “internal” they mean for internal employees, and not like a thing for fans.

        • addie@feddit.uk
          link
          fedilink
          English
          arrow-up
          29
          arrow-down
          4
          ·
          5 months ago

          I think when Disney demands an internally-hosted version of your product, then the sales team tells engineering that they’ll provide one, and mark the price up accordingly. That kind of thing doesn’t appear on the external listing for everyone else.

          • cmhe@lemmy.world
            link
            fedilink
            English
            arrow-up
            21
            arrow-down
            4
            ·
            edit-2
            5 months ago

            Why would Disney demand that?

            Why would they choose slack if they want to host, maintain and be responsible for the internal chat themselves?

            They choose slack because they do it for them so that they don’t have to do it themselves. That is the selling point for them.

            Businesses buy cloud services, because they do not want to manage stuff themselves.

            • douglasg14b@lemmy.world
              link
              fedilink
              English
              arrow-up
              4
              ·
              5 months ago

              Your logic isn’t making sense.

              The code would end up somewhere for others to use…? What?

              One-off products or beta offerings are often kept private, sometimes indefinitely.

              • homesnatch@lemm.ee
                link
                fedilink
                English
                arrow-up
                3
                ·
                5 months ago

                In this case, Disney is using Slack Cloud-hosted for internal communication, but I can definitely understand people interpreting it differently.

            • anivia@lemmy.ml
              link
              fedilink
              English
              arrow-up
              4
              ·
              5 months ago

              Providing Disney with an internally hostable version of Slack doesn’t require giving them the code. They can just ship them compiled binaries

        • UtMan1988@lemmy.world
          link
          fedilink
          English
          arrow-up
          21
          arrow-down
          4
          ·
          5 months ago

          They do. You pay extra for it. You have to have apache or a web server configured for it, and a lot of space. Source: I configured one like 4 years ago.

            • weker01@feddit.de
              link
              fedilink
              English
              arrow-up
              22
              ·
              5 months ago

              Welcome to the world of B2B where 98% of products are listed nowhere and of those products you get a listing the price is either hidden or not the price anyone really pays.

              • Etienne_Dahu@jlai.lu
                link
                fedilink
                English
                arrow-up
                10
                ·
                5 months ago

                That’s what I hate the most in B2B. No transparency. How am I supposed to trust you if we start this way?

            • drislands@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              ·
              5 months ago

              I can’t find it now, but my company attempted to get that from Slack and IIRC it was an option but more expensive than they were willing to pay.

          • ipkpjersi@lemmy.ml
            link
            fedilink
            English
            arrow-up
            7
            ·
            edit-2
            5 months ago

            That sounds like user error on Disney’s part then. My company uses IP whitelisting just fine.

  • PrivateNoob@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    96
    arrow-down
    7
    ·
    5 months ago

    Good. Based for Nullbulge that they have released the source for free. Their motive is to put pressure on Disney due to their wrongdoings against creative artists.

  • kate@lemmy.uhhoh.com
    link
    fedilink
    English
    arrow-up
    85
    arrow-down
    7
    ·
    5 months ago

    Huh, I looked through the website of the hacking team and they use slurs and talk about posting on 4chan, it’s not a great look for a group trying to get on the good side of creative peoples imo

    • kate@lemmy.uhhoh.com
      link
      fedilink
      English
      arrow-up
      45
      arrow-down
      7
      ·
      5 months ago

      Plus in their blog post they mention that they haven’t read through most of the leaks themselves so they don’t even know what kind of info they might be posting about potentially unrelated people, in an attack on “AI” that won’t stop disney even a little bit. Like, I understand the desire to help creative people but I don’t see how this is doing that

      • JasonDJ@lemmy.zip
        link
        fedilink
        English
        arrow-up
        22
        arrow-down
        3
        ·
        5 months ago

        If you’re a grey-hat/chaotic-good hacker intent on exposing corporate greed or whatever, with a cache like that, you’ve got a couple options…either release inmediately, or review the data to minimize collateral damage and release.

        If the intent was to help people, and there was no driving force to release immediately, then they should’ve waited and reviewed the data.

        I really worry if this is going to lead to my overly-ambitious infosec group putting the kibash on our unofficial/shadow-IT (fully internal) MatterMost.

        • hahattpro@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          Review the data cost your time (which is work time, could be transfer into money).

          So, better release it all.

      • kate@lemmy.uhhoh.com
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        80
        ·
        5 months ago

        also while I am on my soap box, ai-bro and crypto-bro are gendered insults and we should do better

  • sunzu@kbin.run
    link
    fedilink
    arrow-up
    34
    arrow-down
    1
    ·
    5 months ago

    In a shocking move, the wage slaves found that their bosses know that they are severely underpaid.

    • sheogorath@lemmy.world
      link
      fedilink
      English
      arrow-up
      29
      ·
      5 months ago

      Passwords and lotsa creds. I know an infra engineer who stores all of the keys to the projects he’s involved in his message to self Slack. When I asked him about it he told me ‘when I found out that the company billed my time 5x my salary to clients I stopped caring’ and I was like OK that’s fair ¯\_(ツ)_/¯

      • douglasg14b@lemmy.world
        link
        fedilink
        English
        arrow-up
        16
        ·
        edit-2
        5 months ago

        Depends. Our engineering slack (Few thousand members) doesn’t contain secrets for a few reasons:

        1. Secret scanning
        2. We have a /secret bot that will take your secret, store it securely, and then present a GUI for each person with access to display that secret “for just that person”. And then after a set period of time it’s made inaccessible, and wiped from the infra.
        3. Training and knowledge transfer on secret security

        This has been incredibly effective. Especially the secret bot.

        Turns out that the problem with people sharing secrets is just a matter of convenience. If you make a secure way convenient then everyone tends to just use it by default.

  • Evotech@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    7
    ·
    5 months ago

    An export like this does not include private slack channels from what I know of Slack design and export mechanisms

  • Hugh@lemmy.ca
    link
    fedilink
    English
    arrow-up
    3
    ·
    5 months ago

    1.5 terabytes of text is a staggering amount of data, and that is just one channel. The thought of that much ”talking" going on in one company is overwhelming.