“By accessing the victim’s Disney Slack account, the defendant gained access to non-public Disney Slack channels, and in or around May 2024, the defendant downloaded approximately 1.1 terabytes of confidential data from thousands of Disney Slack channels,” states the plea agreement reviewed by authorities. After receiving no response, Kramer released the stolen information on July 12, 2024, exposing Disney’s confidential communications and the employee’s personal information, including banking and medical details. In July 2024, Kramer contacted the victim via email and Discord, posing as a member of a fictitious Russian hacktivist group called “NullBulge.” He threatened to release the stolen data unless the victim cooperated. A California man has agreed to plead guilty to federal charges after hacking into a Disney employee’s computer and stealing a massive trove of confidential corporate data, federal prosecutors announced yesterday. Between April and May 2024, a Disney employee downloaded the program, unwittingly allowing Kramer to access the victim’s personal computer. According to the U.S. Department of Justice, Ryan Mitchell Kramer, 25, of Santa Clarita, will plead guilty to one count of accessing a computer and obtaining information and one count of threatening to damage a protected computer. The data breach reportedly contained millions of internal messages, including sensitive information about Disney’s theme park operations, streaming revenues, and strategic planning documents not typically shared with investors. “We are pleased that the individual has been charged and agreed to plead guilty to federal charges,” a Disney spokesperson said in a statement. Once inside, Kramer obtained login credentials stored in the employee’s password manager, which he then used to infiltrate Disney’s internal Slack messaging platform. In this plea agreement, Kramer also admitted that at least two other victims downloaded his malicious software, giving him unauthorized access to their computers and accounts. According to court documents, in early 2024, Kramer posted what appeared to be AI art generation software on several online platforms, including GitHub.
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 02 May 2025 02:35:07 +0000