Hacker pleads guilty to illegally accessing Disney Slack channels and stealing huge tranche of data

Disney Plus app
(Image credit: Shutterstock)

  • Hacker pleads guilty to accessing confidential Disney files
  • Disney's private Slack channels were breached in the attack
  • The leak led Disney to switch from Slack to Microsoft Teams

A Santa Clara man who created an AI image generation tool that deployed hidden malware has pleaded guilty to stealing over 1.1 TB of internal company data after illegally accessing Disney’s internal Slack channels.

The hacker, Ryan Mitchell Kramer, who went by the name “NullBulge” was charged with one count of accessing a computer and obtaining information and one count of threatening to damage a protected computer, the US Attorney’s Office for the Central District of California reported.

The incident had wide reaching consequences, with Disney choosing to ditch Slack in favour of Microsoft teams following the breach. Over 10,000 Slack channels were involved in the incident, and confidential data including internal communications and sensitive information like images, source code and credentials were compromised.

A malicious programme

Kramer reportedly accepted a plea deal, pleading guilty to the two felony charges that each carry a statutory maximum sentence of five years in federal prison - but he has not yet been sentenced.

The plea deal outlines that in early 2024, Kramer “posted a computer program on various online platforms, including GitHub, that purported to be computer program that could be used to create A.I.-generated art. In fact, the program contained a malicious file that enabled Kramer to gain access to victims’ computers.”

After the victim downloaded the malicious file, Kramer accessed Disney’s information through the victim’s personal computer, where he stored login credentials for personal and professional accounts.

After the hacker accessed these accounts, he downloaded over 1.1TB of data from Disney, which was then publicly released alongside the victims bank, medical, and personal information.

According to the report, the FBI is currently investigating the possibility of at least two more victims hit by similar attacks by Kramer

You might also like

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.