Man hacks Disney employee’s computer, then leaks confidential data, feds say
A California man tricked a Disney employee into clicking what federal prosecutors said was a “malicious” file he posted online, allowing him to hack into the worker’s personal computer and steal confidential company data.
Now, Ryan Mitchell Kramer, 25, will plead guilty to the hacking scheme that escalated into him publicly leaking scores of private files belonging to The Walt Disney Co. — and the employee’s personal information in July, according to the U.S. Attorney’s Office for the Central District of California.
The files were stolen from Disney’s Slack channels, after prosecutors said Kramer gained access to the employee’s Slack login information. Slack, a communications platform used by a variety of companies, is an online workspace that allows employees to collaborate and exchange ideas and files.
Kramer, of Santa Clarita in Los Angeles County, has agreed to plead guilty to charges of accessing a computer and obtaining information and one count of threatening to damage a protected computer, the U.S. Attorney’s Office said in a May 1 news release.
Attorney information for Kramer wasn’t immediately available.
In a statement to McClatchy News on May 2, a Disney spokesperson said “we are pleased that this individual has been charged and has agreed to plead guilty to federal charges.”
“We remain committed to working closely with law enforcement, as we did in this case, to ensure that cybercriminals are brought to justice,” the spokesperson added.
Before the leak, Kramer sent a series of threats to the employee, warning that he’d release their private information and about 1.1 terabytes of data he stole from Disney’s Slack channels, prosecutors said.
Kramer emailed and messaged the employee over Discord while posing as a member of a hacking group called “NullBulge,” according to prosecutors.
After the employee didn’t answer Kramer, prosecutors said Kramer followed through on his threats on July 12.
Alongside publicizing Disney’s data, Kramer released the employee’s banking, medical, and other information on “multiple online platforms,” according to prosecutors.
How did the computer get hacked?
Kramer acknowledged in his plea agreement that the Disney employee is one of at least three individuals whose computers he hacked.
He did so, according to prosecutors, by posting what looked like a computer program “that could be used to create A.I.-generated art.”
Kramer shared the computer program to a variety of sites in early 2024, according to his plea agreement.
The Disney employee, in April and May of 2024, downloaded the program that had a harmful file that let Kramer hack their computer, prosecutors said. The two other individuals mentioned in Kramer’s plea agreement downloaded the same program.
With access to the employee’s computer, prosecutors said Kramer found and accessed an online account they used to keep different login credentials for their personal and work accounts.
Kramer is facing up to five years in prison on both counts in the plea, according to the U.S. Attorney’s Office.
The FBI continues to investigate the hack.
Kramer’s initial appearance at the federal courthouse in Los Angeles is expected to take place “in the coming weeks,” prosecutors said.
This story was originally published May 2, 2025 at 12:53 PM with the headline "Man hacks Disney employee’s computer, then leaks confidential data, feds say."
.jpg)