Description: The infamous Anubis ransomware gang has listed Disneyland Paris as its latest victim. The group posted details of the alleged breach on its dark web leak site, stating that the stolen data archive totals 64GB. The data was acquired during a breach involving one of Disneyland’s partner companies. The archive includes plans for various park attractions such as Frozen, Crush’s Coaster, Pirates of the Caribbean, Big Thunder Mountain, Autopia, Buzz Lightyear, Orbitron, Casey Jr., Phantom Manor, Ratatouille, and more. The group noted that Disneyland typically signs NDAs with employees, strictly prohibiting them from sharing internal material publicly. The post does not specify whether any customer or visitor information is included in the files. It also does not clarify if a ransom demand has been issued to Disneyland Paris.

Description: In this incident, a 25-year-old California man, Ryan Kramer (alias NullBulge), tricked Disney employees into downloading malware disguised as an AI image-generation tool. Once installed, the malware harvested credentials and provided Kramer with unauthorized access to Disney’s private Slack channels and internal communications. One employee, Matthew Van Andel, inadvertently granted elevated privileges, enabling Kramer to exfiltrate more than 1.1 terabytes of confidential data. Stolen materials included personal information of employees, unreleased film and TV project files, and other proprietary corporate documents. When Van Andel failed to comply with threats of publication, Kramer posted the sensitive data on the BreachForums hacking site. Authorities say at least two other individuals were similarly compromised, and an ongoing investigation aims to determine the full extent of the breach. The exposure of internal communications and unreleased intellectual property poses serious reputational, legal, and financial risks for Disney, while also potentially undermining competitive positioning and violating privacy regulations.

Description: Matthew Van Andel's wrongful termination complaint against Disney stems from a malware incident that compromised the company’s cybersecurity. After installing a seemingly legitimate AI tool, Van Andel and Disney suffered a hack resulting in the exposure of sensitive financial and employee data. Attackers leaked Van Andel's personal information, such as credit card and social security numbers, causing significant distress and requiring extensive efforts to secure affected accounts. The cyber attack's reach into personal and company data, combined with the potential damage to Disney's finances and reputation, depicts a dire situation.

Description: A former Disney employee allegedly hacked the software used by Walt Disney World’s restaurants. He accessed a third-party menu-creation system and altered menus, including changing vital allergy information and locking out other employees. The incident led to unusable menu databases due to changes in the font. The hack may have had reputational and financial impacts on Disney, given the nature of the sabotage and the potential risks to customers with allergies.

Description: An ex-employee of Walt Disney World, possessing access to the company's passwords post-termination, compromised a third-party menu-creation system used by Disney's restaurants. The attack involved altering menu fonts and listings, resulting in unusable menus and potential allergen misinformation, leading to locked employee accounts and misuse of personal employee information.

Description: Hacktivist group NullBulge claims to have released 1.1 terabytes of Disney’s internal Slack archives, reportedly including messages, unreleased projects, code, images, credentials, and internal links. The breach, allegedly facilitated by an inside collaborator, remained unconfirmed by Disney. The leaked data contains sensitive content and personal information, with indications that the legitimacy has been verified by security experts. This incident not only exposes Disney to the risks of intellectual property theft and privacy violations but also raises questions about the security of cloud platforms and SaaS.

Description: ABC News suffered a significant reputational and operational blow following the public exposure of a workplace affair between two of its prominent anchors, Amy Robach and T.J. Holmes, in November 2022. The scandal led to their immediate termination on January 27, 2023, disrupting the network’s on-air talent lineup and internal workplace culture. The fallout extended beyond personnel changes, as the incident drew widespread media scrutiny, eroding public trust in ABC’s professional standards and ethical oversight. The anchors’ subsequent launch of a competing podcast ('Amy & T.J.') in December 2023 further compounded the network’s challenges by diverting audience attention and creating a rival platform leveraging their former ABC-associated fame. The long-term impact included the loss of two high-profile journalists, potential advertisers’ hesitation due to the controversy, and lingering questions about ABC’s handling of workplace relationships. The scandal also set a precedent for how the network manages internal conduct, with ripple effects on employee morale and external perceptions of its brand integrity.

Description: The California Office of the Attorney General reported a data breach involving Disney Consumer Products and Interactive Media (DCPI) on July 30, 2016. The breach occurred on July 9 and July 12, 2016, involving unauthorized access to the Playdom Forum servers, compromising usernames, email addresses, passwords, and IP addresses of user accounts, affecting an unspecified number of individuals.