Credit: DisneyIn a serious breach of digital security, a Santa Clarita man has agreed to plead guilty to two felony charges after illegally accessing the internal communications of The Walt Disney Company, leading to the theft of confidential data.
Federal prosecutors announced that Ryan Mitchell Kramer, 25, admitted to hacking the personal computer of a Disney employee and using stolen login credentials to gain access to sensitive information stored in Disney’s internal Slack communications platform.
The Hack: A Fake AI Tool With a Hidden Agenda
According to court documents, Kramer developed and distributed a program online in early 2024 under the guise of an artificial intelligence art generation tool. He posted it on multiple platforms, including GitHub, enticing unsuspecting users to download it. Unbeknownst to them, the program contained malicious software designed to compromise personal computers.
Between April and May 2024, a Disney employee downloaded the file, granting Kramer unauthorized access to a treasure trove of sensitive data — including login credentials for both personal and work-related accounts.
Inside Access to Disney Slack
Once Kramer accessed the victim’s device, he used the stolen credentials to enter Disney’s private Slack workspace, giving him full visibility into thousands of internal communication channels. By May 2024, he had downloaded approximately 1.1 terabytes of non-public Disney information.
This type of breach is rare and concerning given Disney’s longstanding efforts to keep upcoming projects, company strategy, and internal workflows tightly under wraps.
Threats and Blackmail
Kramer didn’t stop at data theft. In July 2024, he contacted the Disney employee using email and Discord, posing as a member of a fictitious Russian hacktivist group dubbed “NullBulge.” He threatened to leak both the stolen Disney files and the employee’s personal, financial, and medical data unless his demands were met.
When the victim didn’t respond, Kramer made good on his threat on July 12, 2024, publishing the information across several online platforms.
Wider Impact and Legal Fallout
Kramer’s malware impacted at least two other victims in addition to the Disney employee. He is now facing two felony charges: one count of accessing a computer to obtain information and one count of threatening to damage a protected computer. Each charge carries a potential maximum sentence of five years in federal prison.
The FBI continues to investigate the incident. Kramer is expected to make his initial court appearance in downtown Los Angeles in the coming weeks.
What This Means for Disney Fans
While Disney has not yet commented publicly on the extent of the breach, such incidents raise growing concerns about cybersecurity in the entertainment industry. As more workflows and development pipelines move to the cloud, the importance of digital vigilance — from both employees and the company — becomes more critical than ever.
Fans may never know exactly what was compromised in the Slack leak, but with over a terabyte of internal Disney data exposed, this marks one of the most substantial digital breaches the company has faced.