The hack that exposed more than 44 million Slack messages from Disney employees in July could have been much worse, WSJ reported on Thursday.

According to files viewed by WSJ, The breach included financial forecasts, strategic plans and sales data from the Disney corporation (plus streaming projections and theme park pass sales) and personal details of Disney cruise line members, including passports, visas, contact information and birthplaces .

Related: Disney's internal Slack messaging data leaked in the latest hack targeting a major company

In an August regulatory filing, Disney told investors that “over a terabyte of data” was part of an “unauthorized” release and that the company was investigating.

A month ago, hacker group Nullbulge claimed responsibility for the leak in a blog post, claiming they had insider data on upcoming projects and personal employee information obtained from the company's Slack messaging system.

Disney declined comment for WSJ.

“We refuse to comment on unverified information The Wall Street Journal is believed to have been obtained as a result of the illegal activity of a bad actor,” a Disney spokesperson said.