Hacker pleads guilty to illegally accessing Disney Slack channels and stealing huge tranche of data
“NullBulge” deployed credential stealing malware

- Hacker pleads guilty to accessing confidential Disney files
- Disney's private Slack channels were breached in the attack
- The leak led Disney to switch from Slack to Microsoft Teams
A Santa Clara man who created an AI image generation tool that deployed hidden malware has pleaded guilty to stealing over 1.1 TB of internal company data after illegally accessing Disney’s internal Slack channels.
The hacker, Ryan Mitchell Kramer, who went by the name “NullBulge” was charged with one count of accessing a computer and obtaining information and one count of threatening to damage a protected computer, the US Attorney’s Office for the Central District of California reported.
The incident had wide reaching consequences, with Disney choosing to ditch Slack in favour of Microsoft teams following the breach. Over 10,000 Slack channels were involved in the incident, and confidential data including internal communications and sensitive information like images, source code and credentials were compromised.
A malicious programme
Kramer reportedly accepted a plea deal, pleading guilty to the two felony charges that each carry a statutory maximum sentence of five years in federal prison - but he has not yet been sentenced.
The plea deal outlines that in early 2024, Kramer “posted a computer program on various online platforms, including GitHub, that purported to be computer program that could be used to create A.I.-generated art. In fact, the program contained a malicious file that enabled Kramer to gain access to victims’ computers.”
After the victim downloaded the malicious file, Kramer accessed Disney’s information through the victim’s personal computer, where he stored login credentials for personal and professional accounts.
After the hacker accessed these accounts, he downloaded over 1.1TB of data from Disney, which was then publicly released alongside the victims bank, medical, and personal information.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
According to the report, the FBI is currently investigating the possibility of at least two more victims hit by similar attacks by Kramer
You might also like
- Take a look at our picks for the best malware removal software around
- Check out our choice for best antivirus software
- One of the most powerful ransomware hacks around has been cracked using some serious GPU power

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.