California Man Pleads Guilty to 2024 Disney Slack Hack

A California man has pleaded guilty to hacking Disney’s company Slack channel in 2024, which led to the release of over 1.1 terabytes of confidential data.

The leaked data included revenue figures for products like Disney+ and ESPN+, as well as personal information on current and prospective Disney employees, and login credentials that could be used to access its cloud infrastructure. The hack had big consequences for Slack, too, causing the entertainment giant to drop the tool entirely last year.

In a plea deal, Santa Clarita resident Ryan Mitchell Kramer, 25, admitted that he gained access to a Disney employee’s personal computer and admitted to attempting to extort them, while claiming to be part of a fake Russian hacktivist group called “NullBulge.”

Kramer now faces a total maximum sentence for all offenses of 10 years’ imprisonment, as well as a fine of $500,000.

According to the court filing, Kramer posted a malicious computer program on online platforms, like GitHub, in early 2024, claiming the software could be used to create AI-generated art. A Disney employee is thought to have then downloaded the malicious program between April and May 2024, which then stole the victim’s stored login credentials and passwords for their personal and work accounts.

After using the login to steal the treasure trove of data from Disney’s company Slack, Kramer then contacted them on the messaging platform Discord, demanding payments in exchange for not releasing the stolen data and their personal information. In addition to the Disney employee, the man admitted that at least two other victims downloaded the malicious file, and he was also able to gain unauthorized access to their computers and accounts.

“We are pleased that this individual has been charged and has agreed to plead guilty to federal charges,” a Disney spokesperson told SFGATE, one of the first places to pick up the news.

They added: “We remain committed to working closely with law enforcement, as we did in this case, to ensure that cybercriminals are brought to justice.” 

Many of the world’s largest entertainment companies have been targeted by hackers looking to ransom their data, including information about big upcoming releases. We’ve seen everyone from Sony Pictures to Netflix to HBO to Cyberpunk 2077 developer CD Projekt targeted by these types of attacks. 

In 2017, a 29-year-old Iranian national was indicted for hacking HBO and demanding $6 million in Bitcoin in exchange for not posting unaired TV episodes from various HBO series, as well as a script for an upcoming Game of Thrones episode.

About Will McCurdy

Contributor

I’m a reporter covering weekend news. Before joining PCMag in 2024, I picked up bylines in BBC News, The Guardian, The Times of London, The Daily Beast, Vice, Slate, Fast Company, The Evening Standard, The i, TechRadar, and Decrypt Media.

I’ve been a PC gamer since you had to install games from multiple CD-ROMs by hand. As a reporter, I’m passionate about the intersection of tech and human lives. I’ve covered everything from crypto scandals to the art world, as well as conspiracy theories, UK politics, and Russia and foreign affairs.

Read Will’s full bio

Read the latest from Will McCurdy