Disney suffers massive internal communications data leak after cyberattack
Speculations on the method
Cybersecurity experts pointed out that in recent incidents, hackers have breached Slack accounts by exploiting stolen or leaked API keys.
“Developers often integrate Slack into their automation tools, and in the process, sometimes accidentally leak these keys on code-sharing sites like GitHub or API platforms like Postman,” said Rahul Sasi, CEO of CloudSEK. “For example, in the Disney leak, hackers gained access to public chat rooms. This occurred because Slack API keys, by default, typically have access to public Slack rooms.”
Others added that while it’s too early to comment definitively on the cause of such a massive breach, common factors like weak passwords, phishing, and social engineering might not have compromised multiple Slack channels.