Club Penguin fans hacked a Disney Confluence server to steal information about their favorite game but wound up walking away with 2.5 GB of internal corporate data, BleepingComputer has learned.
Club Penguin was a multiplayer online game (MMO) from 2005 to 2018, featuring a virtual world where players could engage in games, activities, and chat with other players. The game was originally created by New Horizon Interactive, which Disney later purchased.
While Club Penguin was officially shut down in 2017, and its successor, Club Penguin Island, in 2018, the game continues to live on in private servers run by fans and independent developers. Though Disney pushed back on a more prominent 'Club Penguin Rewritten' remake, causing its operators to be arrested, private servers continue to this day with thousands of players.
This week, an anonymous person uploaded a link to "Internal Club Penguin PDFs" on the 4Chan message board with the simple statement, "I no longer need these :)."
The link goes to a 415 MB archive containing 137 PDFs that contain old internal information about Club Penguin, including emails, design schematics, documentation, and character sheets. All of this data is seven years old, if not older, making it only interesting to fans of the game.
BleepingComputer has since learned that Club Penguin data is only a small part of a much larger data set stolen from Disney's Confluence server, which stores documentation for various business, software, and IT projects used internally by Disney.
According to an anonymous source, Disney's Confluence servers were breached using previously exposed credentials.
The source says that the threat actors were initially looking for Club Penguin data; they wound up downloading 2.5 GB of data about Disney's corporate strategies, advertising plans, Disney+, internal developer tools, business projects, and internal infrastructure.
"Lot more files here including internal api endpoints and credentials for things like S3 buckets," an anonymous source told BleepingComputer.
The data, seen by BleepingComputer, includes documentation on a wide variety of initiatives and projects, as well as information on internal developer tools named Helios and Communicore, which have not previously been disclosed publicly.
CommuniCore is a "high-performance asynchronous messaging library, aimed at use in distributed applications."
Helios is a show authoring and playback tool that allows Disney producers and authors to create interactive non-linear "experiences" using real world inputs from sensors in Disney's parks.
Strewn across the documents are links to internal websites used by Disney developers, which could be valuable for threat actors who wish to target the company.
While the Club Penguin data is fairly old, the rest of the data circulating on Discord is far newer, with information from 2024.
BleepingComputer was told that the original Club Penguin PDFs shared on 4Chan were stolen weeks ago. However, the Disney corporate data appears to have been downloaded much sooner, as they contain the following text, "Document generated by Confluence on Jun 01, 2024 21:59."
BleepingComputer contacted Disney multiple times with information and questions about the breach but has yet to receive a reply.
64
Club Penguin fans breached Disney Confluence server, stole 2.5GB of data
(www.bleepingcomputer.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 06 Jun 2024
64 points (100.0% liked)
technology
23313 readers
275 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 4 years ago
MODERATORS
so it's just 2.5 gb of