_Shannon_Crighton_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop "Former Disney Employee Accused of Hacking Menu Database")
_Shannon_Crighton_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop&description=Former+Disney+Employee+Accused+of+Hacking+Menu+Database){kind=link}
A former Disney employee found himself in hot water after being arrested and charged for hacking into the company’s systems and tampering with its restaurant menus. Michael Scheuer, a former menu production manager at Disney, faced allegations of violating the Computer Fraud and Abuse Act (CFAA) on multiple occasions.
Scheuer’s troubles began when he was dismissed from his position in June due to unspecified misconduct. This dismissal was described as “contentious” and “not considered to be amicable,” according to court documents. Despite being terminated, Scheuer’s work credentials were still active, allowing him to access the Disney menu creation system operated by a third-party company.
Using his unauthorized access, Scheuer made drastic changes to the system by altering the fonts to Wingdings symbols. This alteration rendered all menus within the database unusable, as the font changes spread throughout the system. Additionally, Scheuer deleted vital allergen information from the menus, potentially putting consumers at risk of severe allergic reactions.
Disney managed to identify and isolate the compromised menus before any harm was done. However, the menu changes caused the system to go offline for a significant period, necessitating a full backup to restore functionality. The repercussions of Scheuer’s actions not only affected the company’s operations but also posed a potential threat to customer safety.
In a shocking twist, Scheuer was also implicated in a series of distributed denial-of-service (DDoS) attacks against Disney employees. Evidence recovered from one of Scheuer’s virtual machines pointed to him as the mastermind behind the attacks. The FBI’s investigation revealed incriminating details, leading to additional charges under the CFAA.
Currently, Scheuer remains in custody awaiting a bond hearing. If convicted on all charges, he could face a maximum sentence of up to 15 years in prison. The severity of the alleged offenses highlights the potential dangers of insider threats within organizations, underscoring the importance of robust cybersecurity measures and employee oversight.
Overall, Scheuer’s case serves as a cautionary tale about the consequences of abusing access privileges and engaging in malicious activities within corporate systems. Disney’s swift response to mitigate the damage caused by Scheuer’s actions underscores the significance of proactive cybersecurity protocols in safeguarding sensitive information and maintaining operational integrity.