Alleged Club Penguin Hackers Swipe 2.5 GB of Data from Disney, Sources Say
When Disney shut down Club Penguin in 2017, many upset fans were left without their beloved virtual penguin world. Recently, it was revealed that hackers breached Disney’s servers in search of old Club Penguin secrets, but instead made off with 2.5 GB of current internal information about Disney’s larger operations.
Data Breach and Stolen Information
An anonymous individual shared a link to “Club Penguin internal PDFs” on a 4Chan message board with the cheeky message: “Don’t need these anymore :).” The link contained 137 PDF files with old Club Penguin info, but reports suggest that this was just a fraction of the data taken. The breach exposed details dating back to June 2024, including Disney+ info, corporate strategies, advertising plans, and internal tools. Allegedly, the breach was made possible by using previously leaked credentials.
Disney’s Reaction and Revealed Data
Disney has yet to respond to requests for comment on the situation. BleepingComputer uncovered details about internal development tools like Helios and Communicore, previously unknown to the public. Helios is a tool for creating interactive experiences using real-world inputs from Disney parks, while Communicore is a messaging library for distributed applications.
Potential Risks and Consequences
The stolen data also includes links to internal Disney websites, posing further risks from potential threat actors. The exposed information is said to have come from Disney’s Confluence server, where internal documentation is stored. Despite Club Penguin’s closure, its dedicated fan base still exists. Unauthorized reboots have been shut down before by Disney, including the popular “Club Penguin Rewritten.” Some fans’ resentment towards Disney may have been a driving force behind this recent hack.
