A Southern California man faces up to 10 years in federal prison after orchestrating a devastating corporate cyberattack. Ryan Mitchell Kramer of Santa Clarita officially signed a federal plea agreement following an extensive FBI investigation. The 25-year-old hacker admitted to infiltrating internal networks and stealing a staggering 1.1 terabytes of confidential Disney data.
The Department of Justice charged Kramer with two federal felonies, including unauthorized computer access and threatening to damage a protected computer. Prosecutors revealed that Kramer systematically laid a digital trap by uploading a infected program to online code-sharing platforms like GitHub. He disguised the malicious software as a legitimate, open-source artificial intelligence art generation tool to attract tech-focused digital creators.
Infiltrating Disney’s Corporate Infrastructure
The elaborate ruse succeeded when a Burbank-based Walt Disney Company software development manager downloaded the contaminated AI file to a personal device. The hidden malware quickly breached the computer and scraped the manager’s secure login credentials and password manager profiles. Kramer then used those stolen corporate passwords to bypass standard corporate security walls.
The hacker gained unauthorized access to thousands of private, non-public Disney enterprise Slack communication channels over a multi-week period. He systematically downloaded a massive corporate storehouse of information dating back to 2019. The stolen files included 44 million internal employee messages, proprietary computer source code, and unreleased studio project descriptions. Kramer also lifted sensitive financial spreadsheets detailing revenue metrics for regional theme parks and major streaming platforms like Disney+.
Data Leak Forces Global Corporate Shift
In July 2024, Kramer attempted to blackmail the entertainment giant by directly contacting the targeted employee via email and Discord. He hid behind a fake persona, pretending to represent a fictional Russian hacktivist collective named NullBulge. Kramer claimed the group fought for digital artists’ rights against corporate AI use, threatening a full public leak if Disney ignored his demands.
When the employee did not respond to the extortion messages, Kramer aggressively retaliated by doxxing the worker online. He published the manager’s private medical details, passport scans, and personal bank accounts alongside the entire corporate database on public cybercrime forums. The devastating security breach caused severe operational fallout, ultimately forcing Disney to permanently abandon the Slack platform worldwide for its global corporate communications.
To keep up to date on all the latest Disney news and more, be sure to follow Disney Dorks on Facebook!