Hacker pleads guilty to illegally accessing Disney Slack channels and stealing huge tranche of data

• Hacker pleads guilty to accessing confidential Disney files
• Disney's private Slack channels were breached in the attack
• The leak led Disney to switch from Slack to Microsoft Teams

A Santa Clara man who created an AI image generation tool that deployed hidden malware has pleaded guilty to stealing over 1.1 TB of internal company data after illegally accessing Disney’s internal Slack channels.

The hacker, Ryan Mitchell Kramer, who went by the name “NullBulge” was charged with one count of accessing a computer and obtaining information and one count of threatening to damage a protected computer, the US Attorney’s Office for the Central District of California reported.

The incident had wide reaching consequences, with Disney choosing to ditch Slack in favour of Microsoft teams following the breach. Over 10,000 Slack channels were involved in the incident, and confidential data including internal communications and sensitive information like images, source code and credentials were compromised.

A malicious programme

Kramer reportedly accepted a plea deal, pleading guilty to the two felony charges that each carry a statutory maximum sentence of five years in federal prison - but he has not yet been sentenced.

The plea deal outlines that in early 2024, Kramer “posted a computer program on various online platforms, including GitHub, that purported to be computer program that could be used to create A.I.-generated art. In fact, the program contained a malicious file that enabled Kramer to gain access to victims’ computers.”

After the victim downloaded the malicious file, Kramer accessed Disney’s information through the victim’s personal computer, where he stored login credentials for personal and professional accounts.

After the hacker accessed these accounts, he downloaded over 1.1TB of data from Disney, which was then publicly released alongside the victims bank, medical, and personal information.

According to the report, the FBI is currently investigating the possibility of at least two more victims hit by similar attacks by Kramer

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for best antivirus software
• One of the most powerful ransomware hacks around has been cracked using some serious GPU power