Walt Disney Co. (DIS) is facing the consequences of a major data leak that occurred earlier this year. The leak, which exposed over a terabyte of sensitive information, has revealed crucial financial and strategic data, including details about the company’s streaming services, theme parks, and customer information.
The Wall Street Journal reported that the hacked data includes financial figures from Disney+, ESPN+, and park passes like Genie+. The leak also exposed personal information of some Disney staff members and customers. The hacktivist group Nullbulge claimed responsibility for the leak, posting over 44 million messages online.
The leaked information revealed revenue figures and financial performance details of Disney’s theme parks and streaming services. According to a leaked spreadsheet, the Genie+ premium pass generated over $724 million in revenue at Walt Disney World alone between October 2021 and June 2024. The documents also revealed that Disney+ contributed $2.4 billion in revenue during the March quarter, accounting for approximately 43% of the company’s direct-to-consumer business, which includes Hulu and ESPN+.
Despite the data breach, Disney’s streaming unit, which competes with companies like Netflix (NFLX), returned to profitability for the first time in the third quarter, posting an operating profit of $47 million. The company has also stated that it is on track for its combined streaming businesses to become profitable in the fourth quarter.
Disney’s theme park business continues to recover from the pandemic, with revenue from U.S. parks and experiences increasing by 3% to $5.82 billion in the third quarter.
DIS stock was down 0.15% at $88.52 premarket on Friday.
This incident highlights the increasing vulnerability of even the largest companies to cyberattacks. As Disney navigates its recovery from the pandemic and faces growing competition in the streaming market, this data breach adds another layer of complexity to its challenges.