The Disney group had to realize that even large companies are not safe from attackers. A few days ago, the Disneyland Instagram account with 8,4 million followers was hacked and used for racist, homophobic and insensitive posts. The entries have already been deleted, but the image damage remains.
The posts went online before 5 a.m. and were soon removed, but not before many of the 8,4 million followers saw or screenshotd the posts. Disneyland's hacked Instagram account has irritated many visitors. Finally, instead of cool park news and funny pictures, there were suddenly racist, homophobic and insensitive posts. Anyone who knows Disney quickly knew that these contributions cannot come from the group.
Disneyland Instagram account with 8,4 million followers
"Disneyland Resort's Facebook and Instagram accounts were compromised early this morning," the company said in a statement. "We worked quickly to remove the objectionable content, secure our accounts and our security teams are conducting an investigation." Ian McShane, Vice President of Strategy at Arctic Wolf.
“The news that Disneyland's social media accounts were compromised to spread racist and offensive messages is an example of how money and data collection aren't cybercriminals' only motives. Some simply want to damage the reputation and reputation of companies and organizations. Popular accounts with a lot of followers will always be a target for threat actors – experienced attackers as well as casual and amateur hackers.”
Hacker attack still unclear
"While the reasons for the breach aren't fully understood, the shock to Disney's 8,4 million followers should serve as a lesson for businesses of all sizes: social media accounts may not contain highly sensitive data, but they can be misused to disrupting and damaging the business operations of companies. That being said, there is a high probability that these types of compromises are due to a phishing or credential stuffing incident. This could have been prevented with multi-factor authentication. However, MFA does not appear to be a requirement for verified Instagram accounts. While we don't yet know the impact of the hack, protecting all aspects of an organization's digital infrastructure, including employees, must be high on the agenda of security teams.”
About Ian McShane
Ian McShane brings over 20 years of cybersecurity and operational IT experience. A former Gartner analyst, he has advised on the world's largest and fastest growing technology companies, as well as tens of thousands of organizations worldwide. Before joining Arctic Wolf, Ian McShane worked at Symantec, Gartner, Endgame, Elastic and CrowdStrike.
More at ArcticWolf.com
About Arctic Wolf Arctic Wolf is a global leader in security operations, providing the first cloud-native security operations platform to mitigate cyber risk. Based on threat telemetry spanning endpoint, network and cloud sources, the Arctic Wolf® Security Operations Cloud analyzes more than 1,6 trillion security events per week worldwide. It provides company-critical insights into almost all security use cases and optimizes customers' heterogeneous security solutions. The Arctic Wolf platform is used by more than 2.000 customers worldwide. It provides automated threat detection and response, enabling organizations of all sizes to set up world-class security operations at the push of a button.