Michael Scheuer, a former Disney menu production manager, was sentenced to three years in prison and ordered to pay $690,000 in restitution for hacking the company's systems.
Scheuer pleaded guilty to computer fraud and aggravated identity theft. He was fired from Disney last June for misconduct.
His actions included:
Although Disney removed altered menus before they reached restaurants, the damage and Scheuer's actions led to significant repercussions.
The sentencing took place last week in federal court in Florida. Scheuer's lawyer expressed remorse and gratitude for the sentence being half what the government requested.
The Department of Justice detailed the severity of the computer intrusions, emphasizing the potential harm to public health and safety caused by Scheuer's actions.
The incident highlights the importance of cybersecurity and the potential consequences of malicious insider threats within organizations. The financial and reputational damage caused by Scheuer's actions are substantial.
New York CNN  —Â
A former Disney employee who hacked into the company’s servers to alter its restaurant menus, including falsifying allergen information and printing profane language, has been sentenced to three years in prison.
Michael Scheuer, a Florida resident, was sentenced last week in federal court and ordered to pay nearly $690,000 in restitution, with most of that going to Disney. He pled guilty in January to one count of computer fraud and one count of aggravated identity theft.
“Scheuer remains remorseful and apologetic to his former co-workers. We are grateful that the judge heard all of our arguments and mitigation when fashioning a sentence that was half of what the government was seeking,” said David Haas, Scheuer’s lawyer, in a statement to CNN.
Scheuer worked as a menu production manager for Disney and was fired last June for misconduct, according to the original complaint. He had access to, and also used, secure internal servers for creating and publishing menus for all of Disney’s restaurants as part of his job at the company.
However, Disney identified and removed all altered menus before they were shipped to restaurants. The company didn’t immediately respond to CNN’s request for comment.
Scheuer hacked into Disney’s menu creation servers multiple times to manipulate and disrupt the menus, such as changing prices and adding profane language. He then made changes to the menus that “threatened public health and safety,” the complaint said, including altering allergen information to indicate certain menu items with peanuts were peanut-free, posing a fatal risk to individuals with peanut allergies.
Disney employees discovered the disruption when Scheuer altered menu text fonts to become icon symbols, known as wingdings.
“This change was so substantial that it caused the Menu Creator system to become inoperable while the font changes were made to all of the menus,” the complaint said. Disney was also “forced to take the Menu Creator application offline while they reverted to backups to regain the ability to operate.”
The DOJ said in a press release last week that the “computer intrusions” also included altering “menu information related to wine regions to reflect locations of recent mass shootings.”
Additionally, Scheuer allegedly disabled employee accounts during his hacking campaigns. He locked at least 14 Disney employees out of their accounts by continually attempting to log on to their accounts with incorrect passwords. He also used a bot to attempt over 100,000 logins to their accounts, rendering them unusable.
If you often open multiple tabs and struggle to keep track of them, Tabs Reminder is the solution you need. Tabs Reminder lets you set reminders for tabs so you can close them and get notified about them later. Never lose track of important tabs again with Tabs Reminder!
Try our Chrome extension today!
Share this article with your
friends and colleagues.
Earn points from views and
referrals who sign up.
Learn more