Disney Cybersecurity Breach Exposes Sensitive Data After AI Tool Download

Disney experienced a significant cybersecurity breach in July 2024 when an employee downloaded AI software from GitHub that contained hidden malware. This malicious software, operated by the hacker group Nullbulge, infiltrated Disney's internal systems and the employee's personal accounts, leading to extensive data exposure.

The breach resulted in the leak of over 44 million internal messages, revealing sensitive company information and personal data of employees and customers. The employee faced severe personal repercussions, including identity theft and job loss, underscoring the profound risks associated with unauthorized software downloads.

In response, Disney announced plans to discontinue the use of Slack for internal communications to enhance security and prevent future incidents.

Full Article