Disney Hacker Pleads Guilty For Stealing 1.1 Terabytes of Internal Company Data

“By accessing the victim’s Disney Slack account, the defendant gained access to non-public Disney Slack channels, and in or around May 2024, the defendant downloaded approximately 1.1 terabytes of confidential data from thousands of Disney Slack channels,” states the plea agreement reviewed by authorities. After receiving no response, Kramer released the stolen information on July 12, 2024, exposing Disney’s confidential communications and the employee’s personal information, including banking and medical details. In July 2024, Kramer contacted the victim via email and Discord, posing as a member of a fictitious Russian hacktivist group called “NullBulge.” He threatened to release the stolen data unless the victim cooperated. A California man has agreed to plead guilty to federal charges after hacking into a Disney employee’s computer and stealing a massive trove of confidential corporate data, federal prosecutors announced yesterday. Between April and May 2024, a Disney employee downloaded the program, unwittingly allowing Kramer to access the victim’s personal computer. According to the U.S. Department of Justice, Ryan Mitchell Kramer, 25, of Santa Clarita, will plead guilty to one count of accessing a computer and obtaining information and one count of threatening to damage a protected computer. The data breach reportedly contained millions of internal messages, including sensitive information about Disney’s theme park operations, streaming revenues, and strategic planning documents not typically shared with investors. “We are pleased that the individual has been charged and agreed to plead guilty to federal charges,” a Disney spokesperson said in a statement. Once inside, Kramer obtained login credentials stored in the employee’s password manager, which he then used to infiltrate Disney’s internal Slack messaging platform. In this plea agreement, Kramer also admitted that at least two other victims downloaded his malicious software, giving him unauthorized access to their computers and accounts. According to court documents, in early 2024, Kramer posted what appeared to be AI art generation software on several online platforms, including GitHub.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 02 May 2025 02:35:07 +0000


Cyber News related to Disney Hacker Pleads Guilty For Stealing 1.1 Terabytes of Internal Company Data

Disney Hacker Pleads Guilty For Stealing 1.1 Terabytes of Internal Company Data - “By accessing the victim’s Disney Slack account, the defendant gained access to non-public Disney Slack channels, and in or around May 2024, the defendant downloaded approximately 1.1 terabytes of confidential data from thousands of ...
1 month ago Cybersecuritynews.com
Hacker 'NullBulge' pleads guilty to stealing Disney's Slack data - The Department of Justice says that Kramer then contacted Van Andel, posing as a Russian hacktivist group called "NullBulge," warning that his personal information and Disney's stolen Slack data would be published if he didn't cooperate. "By ...
1 month ago Bleepingcomputer.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
8 months ago Aws.amazon.com
Hacker 'ShinyHunters' Pleads Not Guilty in Cybercrime Case - A hacker known as 'ShinyHunters' has pleaded not guilty in a case of cybercrime. The hacker is accused of taking part in illegal activities to steal data from victims, including passwords, credit card information, and other personal details. The ...
2 years ago Blog.cloudflare.com Hunters
Hacker leaks millions of new 23andMe genetic data profiles - A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe ...
1 year ago Bleepingcomputer.com Rocke Hunters
Ex-Ubiquiti Programmer Admits to Attempting to Blackmail Company - Nickolas Sharp, a former employee of Ubiquiti, a networking device maker, pleaded guilty today to stealing a large amount of data from the company's network and attempting to extort them while pretending to be an anonymous hacker and whistleblower. ...
2 years ago Bleepingcomputer.com
ShinyHunters Hacker Pleads Not Guilty to Data Theft Charges - A hacker associated with the ShinyHunters group, identified as Paul Gubarev, has pleaded not guilty to data theft charges as pleaded in a recent court hearing. The hacker is accused of stealing over 500 million sensitive information belonging to ...
2 years ago Blog.cloudflare.com Hunters
Shimano's Cyber Siege: A Saga of Resistance Against Ransomware - Shimano Industries, a prominent Japanese multinational manufacturing company specializing in cycling components, fishing tackle, and rowing equipment, seems to have been hit by a massive data breach by the ransomware attacker LockBit, who has ...
1 year ago Cysecurity.news LockBit
Cybersecurity firm executive pleads guilty to hacking hospitals - The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center, in June 2021 to boost his company's business. Vikas Singla, who worked for Securolytics, a network ...
1 year ago Bleepingcomputer.com
Trickbot Malware Developer Pleads Guilty - A 40-year-old Russian national, Vladimir Dunaev, pleaded guilty for developing and deploying Trickbot malware. Trickbot, a suite of malware tools, targeted hospitals and businesses, causing millions in losses. Trickbot is a sophisticated modular ...
1 year ago Gbhackers.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
11 months ago Securityweek.com Silence
Security hacker ShinyHunters Pleads Not Guilty of Stealing Data from Just Eat, PicsArt, ChatBooks and HomeChef - A security hacker, ShinyHunters, has recently pled not guilty for stealing data from Just Eat, PicsArt, ChatBooks and HomeChef. ShinyHunters is accused of cyberattacks and illegal activities, including obtaining unauthorised access to sensitive data, ...
2 years ago Blog.cloudflare.com Hunters
Ex-Amazon engineer pleads guilty to hacking crypto exchanges - Former Amazon security engineer Shakeeb Ahmed pleaded guilty this week to hacking and stealing over $12.3 million from two cryptocurrency exchanges in July 2022. The two affected companies are Nirvana Finance, a decentralized crypto exchange, and an ...
1 year ago Bleepingcomputer.com
Data De-Identification: Balancing Privacy, Efficacy & Cybersecurity - COMMENTARY. Global data privacy laws were created to address growing consumer concerns about individual privacy. These laws include several best practices for businesses about storing and using consumers' personal data so that the exposure of ...
1 year ago Darkreading.com
Former Ubiquiti Employee Pleads Guilty to Data Extortion and Insider Attack - A former employee of the technology company Ubiquiti, Nickolas Sharp, pleaded guilty on Thursday in a Manhattan federal courtroom on charges related to perpetrating an audacious insider attack on his employer. Sharp, 37, was a senior software ...
2 years ago Therecord.media
Decoding the data dilemma: Strategies for effective data deletion in the age of AI - Businesses today have a tremendous opportunity to use data in new ways, but they must also look at what data they keep and how they use it to avoid potential legal issues. Forrester predicts a doubling of unstructured data in 2024, driven in part by ...
1 year ago Venturebeat.com
Hacking Protected Java-Based Programs - This article provides examples of hacking techniques that can help Java developers avoid vulnerabilities in their programs. It is not intended to train hackers but rather for naive developers who think that standard obfuscators will save them from ...
1 year ago Feeds.dzone.com
361 million stolen accounts leaked on Telegram added to HIBP - A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check ...
11 months ago Bleepingcomputer.com
Ex-Navy IT head gets 5 years for selling people's data on darkweb - Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison for illegally obtaining US citizens' personally identifiable information and selling it on the dark web. The man was indicted with his ...
1 year ago Bleepingcomputer.com Hunters
Seoul Police Reveals: North Korean Hackers Stole South Korean Anti-Aircraft Data - South Korea: Seoul police have charged Andariel, a North Korea-based hacker group for stealing critical defense secrets from South Korea's defense companies. Allegedly, the laundering ransomware is redirected to North Korea. One of the 1.2 terabytes ...
1 year ago Cysecurity.news Andariel Lazarus Group
ExUbiquiti Staff Member Admits to Pretending to be a Cybercriminal - Nickolas Sharp, a former employee of Ubiquiti, has confessed in court to misusing his company-provided credentials to steal data and then attempting to extort the company. Sharp, 37, of Portland, Oregon, was a senior developer at the New York ...
2 years ago Securityweek.com
Clear Spring Life and Annuity Company Announces Data Breach Following Ransomware Attack - On November 21, 2023, Clear Spring Life and Annuity Company filed a notice of data breach with the Attorney General of California after discovering a February 2023 ransomware attack. In this notice, Clear Spring explains that the incident resulted in ...
1 year ago Jdsupra.com
How Can DSPM Prevent High-Profile Breaches? - In early October 2023, a DNA testing company for ancestry discovery purposes, 23andMe, disclosed that it suffered a data breach. On the 5th of December 2023, the company shared that the data breach was more damaging than was initially reported. On ...
1 year ago Gbhackers.com
US DOJ applies carrot-and-stick approach to Foreign Corrupt Practices Act policy - The US Department of Justice has taken a carrot-and-stick approach to its corporate enforcement policy in regard to the Foreign Corrupt Practices Act in an effort to entice companies to self-report when in violation of the FCPA. Assistant Attorney ...
2 years ago Csoonline.com