© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

Disney is disposing Slack after extensive data breach


The Walt Disney Company will no longer be using Slack for its internal communication because of the data breach that took place in July.

According to a memo from Chief Financial Officer (CFO) Hugh Johnston, which was obtained by CNBC, the company wants to ditch Slack from most of its business units by the end of Disney’s next fiscal year and is looking for more “streamlined enterprise-wide collaboration tools”.

Employees were informed last week about the decision to discard Slack.

In July, a threat actor called ‘NullBulge’ claimed he had stolen over 1.1 terabyte of data from over 10,000 channels from Disney’s Slack server.

The dataset contained every message and file sent with Slack, but also unreleased projects, raw images and code, login credentials, links to internal APIs and web pages, credit card information, social security numbers, and more.

“Anything we could get our hands on, we downloaded and packaged up. Want to see what goes on behind the doors? Go grab it,” NullBulge stated on X.

In August, Disney told investors it doesn’t think the data breach will have a material impact on the company’s business operations or financial results.

CNBC points out that during an interview with Bloomberg at the annual Dreamforce Conference, Marc Benioff, CEO of Salesforce, the company that owns Slack, told the attendants their security was ‘rock-solid’.

“Companies also have to take the right measures to prevent phishing attacks and to lock down their employees’ social engineering. So, we can do our part, but our customers also have to do their part,” he said.

It isn’t the first time communication platform Slack has been targeted by hackers. In September 2022, hacking group LAPSUS$ was able to break into Uber’s Slack server using the login credentials from an employee.

The threat actor was able to access several of Uber’s internal systems, including its Slack server, but was left out of the company’s databases where it stored sensitive user information.

“It does appear that the attacker downloaded some internal Slack messages, as well as accessed or downloaded information from an internal tool our finance team uses to manage some invoices. We are currently analyzing those downloads,” Uber said in a statement at the time.

And in December 2022, hackers breached Activision’s Slack server and were able to steal employee data and information about upcoming games.


Leave a Reply

Your email address will not be published. Required fields are marked