Watch CBS News

Disneyland Instagram fills with racially insensitive posts after account gets taken over by "super hacker"

Disneyland social media pages overtaken by racial slurs, expletives in early-morning hack
Disneyland social media pages overtaken by racial slurs, expletives in early-morning hack 02:09

A string of racially insensitive posts began to fill Disneyland's Instagram and Facebook pages early Thursday morning after the account was hacked by a self-proclaimed "super hacker."

The hacker, who referred to himself as "David Do," made their first post at around 3:50 a.m., stating that they were a "super hacker that is here to bring revenge upon Disney land," before referring to the employees using a derogatory term. 

Four posts and one story addition were made in all, where the hacker claimed to have "invented COVID and blamed it on Wuhan," and is "working on COVID20," amongst other racial slurs and expletives. 


The posts, which were deleted less than an hour later, received thousands of comments of shock and outrage from the Disneyland followers -- of which there are more than 8.4 million. 

CBS Los Angeles reached out to Disneyland Resort officials for comment, to which they released a statement that read: 

"Disneyland Resort's Facebook and Instagram accounts were compromised early this morning. We worked quickly to remove the reprehensible content, secure our accounts, and our security teams are conducting an investigation."

As far as a possible endgame goes in a scenario like this, USC Computer Science Professor Clifford Neuman suggests usually a lot more simple than one would think. 

"The purpose to things like that can simply be to try to embarrass Disney or raise the profile of the hack itself," he said, presuming that the name and image used are more than likely unassociated with the actual person doing the hacking.

Neuman believes that the attack was made possible using a classic phishing attack, where a hacker pretends to be a reputable company or person in order to get the victims to reveal personal information. 

"They send a link to a website that you click on, it looks like the site you're trying to login to. In fact, it's set up to collect your passwords, your login credentials and send them to the adversary," he continued. "I think they need to provide stronger training to whoever was responsible for those accounts."

View CBS News In
CBS News App Open
Chrome Safari Continue
Be the first to know
Get browser notifications for breaking news, live events, and exclusive reporting.