Disney in Crisis: Hacker Who Released Sensitive Files Finally Caught and Facing Extreme Charges
In a shocking breach of digital security, a 25-year-old Santa Clarita man has agreed to plead guilty to two felony charges after illegally accessing the internal communications of The Walt Disney Company. Ryan Mitchell Kramer's actions have sent shockwaves through the entertainment industry, raising concerns about cybersecurity and the importance of digital vigilance.
According to federal prosecutors, Kramer developed and distributed a program online in early 2024 under the guise of an artificial intelligence art generation tool. He posted it on multiple platforms, including GitHub, enticing unsuspecting users to download it. Unbeknownst to them, the program contained malicious software designed to compromise personal computers.
Between April and May 2024, a Disney employee downloaded the file, granting Kramer unauthorized access to a treasure trove of sensitive data — including login credentials for both personal and work-related accounts. Once Kramer accessed the victim's device, he used the stolen credentials to enter Disney's private Slack workspace, giving him full visibility into thousands of internal communication channels.
By May 2024, Kramer had downloaded approximately 1.1 terabytes of non-public Disney information. This type of breach is rare and concerning given Disney's longstanding efforts to keep upcoming projects, company strategy, and internal workflows tightly under wraps.
Kramer didn't stop at data theft. In July 2024, he contacted the Disney employee using email and Discord, posing as a member of a fictitious Russian hacktivist group dubbed “NullBulge.” He threatened to leak both the stolen Disney files and the employee's personal, financial, and medical data unless his demands were met.
When the victim didn't respond, Kramer made good on his threat on July 12, 2024, publishing the information across several online platforms. Kramer's malware impacted at least two other victims in addition to the Disney employee.
He is now facing two felony charges: one count of accessing a computer to obtain information and one count of threatening to damage a protected computer. Each charge carries a potential maximum sentence of five years in federal prison. The FBI continues to investigate the incident.
Kramer is expected to make his initial court appearance in downtown Los Angeles in the coming weeks. While Disney has not yet made a public statement on the extent of the breach, such incidents raise growing concerns about cybersecurity in the entertainment industry.
As more workflows and development pipelines move to the cloud, the importance of digital vigilance — from both employees and the company — becomes more critical than ever. Fans may never know exactly what was compromised in the Slack leak, but with over a terabyte of internal Disney data exposed, this marks one of the most substantial digital breaches the company has faced.