In a significant data breach, hacktivist group NullBulge has infiltrated Disney’s internal Slack infrastructure, leaking 1.2TB of sensitive data. This breach, posted on the cybercrime platform Breach Forums on July 12, 2024, exposes many of Disney’s internal communications, compromising messages, files, code, and other proprietary information.
Good. Based for Nullbulge that they have released the source for free. Their motive is to put pressure on Disney due to their wrongdoings against creative artists.
What source?
I don’t remember, but here is their website with a magnet link for the source: https://nullbulge.se/blog.html
😂my ad blocker does not like this website (is marked as malicious)
Huh, I looked through the website of the hacking team and they use slurs and talk about posting on 4chan, it’s not a great look for a group trying to get on the good side of creative peoples imo
Plus in their blog post they mention that they haven’t read through most of the leaks themselves so they don’t even know what kind of info they might be posting about potentially unrelated people, in an attack on “AI” that won’t stop disney even a little bit. Like, I understand the desire to help creative people but I don’t see how this is doing that
If you’re a grey-hat/chaotic-good hacker intent on exposing corporate greed or whatever, with a cache like that, you’ve got a couple options…either release inmediately, or review the data to minimize collateral damage and release.
If the intent was to help people, and there was no driving force to release immediately, then they should’ve waited and reviewed the data.
I really worry if this is going to lead to my overly-ambitious infosec group putting the kibash on our unofficial/shadow-IT (fully internal) MatterMost.
Review the data cost your time (which is work time, could be transfer into money).
So, better release it all.
also while I am on my soap box, ai-bro and crypto-bro are gendered insults and we should do better
How do ai-bitch and crypto-cunt sound?
nah, just stick to the AI-Bro and Crypto-Bro
Touch grass
average lemmy.world user
Would “crypto-twat” be more acceptable?
A lot of hacker groups originated on 4chan.
In a shocking move, the wage slaves found that their bosses know that they are severely underpaid.
So many passwords will be in there. And cat photos.
Passwords and lotsa creds. I know an infra engineer who stores all of the keys to the projects he’s involved in his message to self Slack. When I asked him about it he told me ‘when I found out that the company billed my time 5x my salary to clients I stopped caring’ and I was like OK that’s fair ¯\_(ツ)_/¯
Depends. Our engineering slack (Few thousand members) doesn’t contain secrets for a few reasons:
- Secret scanning
- We have a /secret bot that will take your secret, store it securely, and then present a GUI for each person with access to display that secret “for just that person”. And then after a set period of time it’s made inaccessible, and wiped from the infra.
- Training and knowledge transfer on secret security
This has been incredibly effective. Especially the secret bot.
Turns out that the problem with people sharing secrets is just a matter of convenience. If you make a secure way convenient then everyone tends to just use it by default.
“Secret Bot” sounds great!
Custom in-house or off the shelf?
In house.
Thank you. It sounds spectacular and well thought out. You must work with a great team.
And jokes about meatball Ron
So where we can find these data to check out?
If the content includes the Disney Vault that’d be very cool
Is Disney blaming the fans yet for this hack?
An export like this does not include private slack channels from what I know of Slack design and export mechanisms
Right, org owner
I think it would depend on the level of the account. They have that feature for compliance reasons in heavily regulated industries.
Kinda, but not even admin accounts can view/export private channels they are not a member of.
I don’t think that’s even a feature
https://slack.com/intl/en-gb/help/articles/201658943-Export-your-workspace-data
It absolutely is.
Slack must have this for compliance issues, or they would be locked out of many industries (like banking and insurance)
I had to manage a Slack migration to another org we were merging with. As the owner, normally I couldn’t even see the names of private channels, but when it came down to the migration, upgrading the account to Business+ tier, the full export included everything (private channels and DMs), which we imported into the new org.
Slack sends notifications to all Admins that the export was happening, and i’ve only seen that notification once after using Slack for 10 years.
😮I bet there is some spicy stuff in the DMs of companies with 1000+ people
IIRC Admins can not, but Org owners can in certain situations.
Definitely is a feature… Have personally used it.
1.5 terabytes of text is a staggering amount of data, and that is just one channel. The thought of that much ”talking" going on in one company is overwhelming.