Disney's Internal Slack Breached? NullBulge Leaks 1.1 TiB of Data

Scope and Nature of the Breach

  • Reported leak is ~1.1 TiB of data from Disney’s internal Slack; some find the “TiB vs TB” framing amusing and use it to riff on storage units.
  • Several commenters doubt it includes “everything Disney,” noting Disney has multiple Slack instances and divisions, and pre‑release content is typically on air‑gapped systems.
  • Others counter with examples like the Sony hack and argue Hollywood IT is underfunded and not especially strong, so broad compromise is plausible but still unproven.
  • Hackers allegedly lost access partway through, so it is unclear whether further data existed that was not exfiltrated in time.

Slack, Logging, and Data Retention

  • Many see this as another example of the risk of logging and retaining all internal communication.
  • Others point out large companies often have legal/archival requirements, especially in finance and heavily litigated firms.
  • Debate over retention: some advocate cold/offline or write-once storage for older data to reduce the attack surface; others note that “cold” often makes data practically unusable and is operationally hard at Disney scale.
  • Slack’s e‑discovery and admin APIs likely enabled bulk export once an admin‑level account or grid access was compromised.

Security Practices and SaaS

  • Several argue the breach is less about SaaS itself and more about basics like MFA, least-privilege, and not hoarding unnecessary data.
  • Others emphasize systemic difficulty: defenders must secure everything, while attackers need only one weakness; layoffs and outsourcing increase risk.
  • Some see little investor or regulatory downside to such breaches, which weakens incentives to improve.

Motives, Ethics, and Legality

  • The group brands itself as hacktivists for artists’ rights, allegedly reacting to Disney’s treatment of creatives and cancelled/buried projects.
  • Some think they mainly wanted to expose internal workings and shame Disney; others see it as simple chaos‑seeking or possible financial motives (e.g., extortion, shorting stock—speculative in the thread).
  • Ethical concern: public dumps harm “little people” (employees, individuals) more than executives; alternatives like proving access without full release are discussed.
  • Legality for viewers is debated: most think simply reading is unlikely to be prosecuted, but copying/distributing is more clearly problematic.

Tangent: Binary vs Decimal Storage Units

  • Large subthread debates KB vs KiB, GB vs GiB, and whether SI prefixes should have been repurposed for powers of two.
  • Some support strict use of KiB/MiB/GiB; others find those names silly or impractical and argue context‑based meanings worked better in practice.
  • Discussion highlights marketing confusion (drive sizes), technical convenience (powers of two), and the tension between standards purity and real‑world usage.