Ransomware cyber

Disneyland Paris

Jun 21, 2025 1 min read
Disneyland Paris

The infamous Anubis ransomware gang has listed Disneyland Paris as its latest victim. The group posted details of the alleged breach on its dark web leak site, stating that the stolen data archive totals 64GB. The data was acquired during a breach involving one of Disneyland’s partner companies. The archive includes plans for various park attractions such as Frozen, Crush’s Coaster, Pirates of the Caribbean, Big Thunder Mountain, Autopia, Buzz Lightyear, Orbitron, Casey Jr., Phantom Manor, Ratatouille, and more. The group noted that Disneyland typically signs NDAs with employees, strictly prohibiting them from sharing internal material publicly. The post does not specify whether any customer or visitor information is included in the files. It also does not clarify if a ransom demand has been issued to Disneyland Paris.

Source: https://hackread.com/anubis-ransomware-lists-disneyland-paris-new-victim/

TPRM report: https://scoringcyber.rankiteo.com/company/disneyland-paris

"id": "dis001062125",
"linkid": "disneyland-paris",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Theme Park',
                        'location': 'Paris, France',
                        'name': 'Disneyland Paris',
                        'type': 'Entertainment'}],
 'data_breach': {'data_exfiltration': True,
                 'file_types_exposed': ['Images',
                                        'Videos',
                                        'Drawings',
                                        'Engineering-related work'],
                 'number_of_records_exposed': '39,000 files',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Construction and renovation '
                                              'files',
                                              'Plans for various park '
                                              'attractions']},
 'date_publicly_disclosed': '2025-06-12',
 'description': 'The Anubis ransomware gang has listed Disneyland Paris as its '
                'latest victim, posting details of the alleged breach on its '
                'dark web leak site, claiming a 64GB data archive was stolen.',
 'impact': {'data_compromised': ['Construction and renovation files',
                                 'Plans for various park attractions']},
 'initial_access_broker': {'data_sold_on_dark_web': True,
                           'high_value_targets': ['Disneyland Paris']},
 'investigation_status': 'Unverified',
 'motivation': ['Financial Gain', 'Data Leak'],
 'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'Anubis'},
 'references': [{'source': 'Hackread.com'}],
 'threat_actor': 'Anubis Ransomware Gang',
 'title': 'Anubis Ransomware Attack on Disneyland Paris',
 'type': 'Ransomware Attack'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.