Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Disneyland, the supposed “happiest place on earth”, has been bit by an alleged cyber attack after threat actors claimed to have exfiltrated confidential theme park data.
Disneyland Paris was listed on the dark web leak site of the Anubis ransomware gang, a group known for editorialising its listings and going into great detail.
“In this article you will find : Confidential drawings of Disneyland Paris zones and attractions, more than 4,000 photos and videos from behind the scenes of the park, specifications, documentation and contracts,” the group said.
“During the leak of data of the partner company, 39,000 files related to the construction and renovation of the Disneyland Paris location ended up in our hands. The total weight of the archive is 64 gigabytes, it is the largest data leak in the history of Disneyland Park.”
The group added that the leaks contained confidential drawings and supply plans for electricity and water for specific rides and attractions, animated scene details and engineering files, which Anubis said should be of interest to “Disneyland’s competitors”.
“The full list of rides whose drawings are affected in the archive: Frozen, Crush’s Coaster, Pirates of the Caribbean, Big Thunder Mountain, Autopia, Buzz Lightyear, Orbitron, Casey Jr., Phantom Manor, Ratatouille, and others,” Anubis added.
It also posted photos and videos of Disneyland’s back-end operations, including behind attractions, night photos of maintenance and more.
As Anubis pointed out, Disneyland employees are prohibited from publishing photos of internal and behind-the-scenes operations.
“In its NDAs, which Disneyland signs with its employees – strictly prohibits any publication of photos and videos of the internal workings of the park,” Anubis said.
“Disneyland Paris strictly monitors media leaks and removes all such photos from the internet. Thus they unintentionally caused the Barbra Streisand effect. This leak contains more than 4,000 photos and videos of the park’s behind-the-scenes work.”
Anubis is threatening to leak the 64 gigabytes of “top secret” Disneyland Paris data in just over two days at the time of writing. It has not disclosed who the “partner” company it claims to have breached is, nor has it alluded to communications between itself and Disney beginning. It is also unclear whether or not customer or employee personal data has been compromised.
Disneyland Paris has not yet publicly acknowledged the cyber incident. Cyber Daily has reached out to Disneyland Paris for comment on the incident.
Be the first to hear the latest developments in the cyber industry.
