In 2007, The Walt Disney Company purchased Club Penguin, an online game for kids. At the time, it was one of the most significant gaming/online communities for children, boasting more than 200 million users. Disney paid $350 million to buy the online game.
However, by 2017, Club Penguin’s popularity had waned, and Disney decided to shut it down and replace it with the 3-D Club Penguin Island. By 2018, Club Penguin Island was also shut down.
However, the Club Penguin fans resurrected the game on a private server. Since Disney wasn’t getting paid for the use of its game, Disney shut down Club Penguin Rewritten, and three of the online game’s developers were arrested.
It would now seem that those Club Penguin fans have gotten their revenge on The Walt Disney Company by hacking a Disney Confluence server and stealing 2.5 GB of data. Initially, the data was believed only to be old user data from the online game; however, it has since been learned that the breach included internal corporate data, advertising plans, Disney+ data, and internal corporate plans.
This club penguin leak is insane because sure it's probably not totally canon because it wasn't released publically BUT ALSO ROOKIE'S WORDS ARE ALMOST USED EXACTLY IN HIS BOOK!!!
Is he actually a teen tho omg pic.twitter.com/Y0RkkFB3vk— Monkee (@BurntBeanies) June 7, 2024
When an anonymous source posted thousands of documents from the original Club Penguin game, Disney realized the breach. The documents included user data like emails, game designs, and character lists. This data was more than even years old and of little interest to anyone outside of the hardcore Club Penguin fans.
However, once the hackers got beyond the original Club Penguin information, they realized that they had hacked Disney developers and had a treasure trove of information on the company’s internal workings and future plans.
According to Bleeping Computer, the date includes “documentation on a wide variety of initiatives and projects, as well as information on internal developer tools named Helios and Communicore, which have not previously been disclosed publicly.”
FROM THE LEAKED CLUB PENGUIN DOCUMENTS😭 pic.twitter.com/z3Hpm6rizd
— DoodleLTG IMGS (@doodleltg_imgs) June 4, 2024
The information obtained in the breach included stolen data on internal websites used by Disney developers, information on “non-linear” experiences within Disney Parks, and a messaging library used in certain Disney apps.
Outside of the internal Disney Company information, it is still unclear if the stolen data includes any customer information from Disney+, Disney’s Parks, or ShopDisney. Bleeping Computer contacted Disney for comment, but the company did not respond.
Since this information recently came to light, Disney will need time to assess the data taken and whether the hack includes sensitive information about guests and employees.
Are you concerned about your data coming out in the Club Penguin leak?