Ex-Disney Employee Charged With Hacking Menu Database
In a vengeful move against the happiest place on Earth, the former employee allegedly used his old credentials to make potentially deadly changes.
A former Disney employee was arrested and charged after allegedly hacking into the company's systems and altering its restaurant menus.
Michael Scheuer, an ex-menu production manager at Disney, was charged with violating the Computer Fraud and Abuse Act (CFAA) on three different occasions.
He was fired from this position in June, after unspecified misconduct; his dismissal was described as "contentious" and "not considered to be amicable," according to court documents.
Scheuer allegedly used his work credentials, which were still functioning after his termination, to log into the Disney menu creation system contracted by a third-party company and change the fonts in the system to Wingdings symbols.
When the menu creator was launched, it would reach for these altered font files, believing them to be correct.
"As a result of this change, all of the menus within the database were unusable because the font changes propagated throughout the database," read the complaint.
Scheuer also allegedly deleted allergen information from the menus, suggesting some foods were safe when they weren't, leading to potentially deadly consequences. The menus were identified and isolated by Disney before they could be shipped.
The menu changes caused the system to go offline for a couple of weeks and required backup to restore.
Scheuer has also been accused of being the root cause of several distributed denial-of-service attacks against several Disney employees, their information found in a folder on one of Scheuer's virtual machines, labeled "dox." According to the FBI, the evidence found in the investigation pointed to Scheuer as the perpetrator. He has been charged on two violations of the CFAA and remains in jail pending a bond hearing. If found guilty, he faces up to 15 years in prison.
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024