02-05-2025
Disney Slack Hack Suspect Pleads Guilty In Deal With Feds; Could Get 10 Years Behind Bars For 2024 Attack
The hacker who snagged a bevy of the Walt Disney Company's confidential information last year and tried to blackmail a House of Mouse staffer has made a deal with the Department of Justice.
In an agreement released today by the U.S. Attorney's office for the Central District of California, Ryan Mitchell Kramer (a.k.a. NullBulge) has agreed to enter a guilty plea over his mid-2024 attack on Disney's systems. Hit with one count of accessing a computer and obtaining information and one count of threatening to damage a protected computer. Kramer is looking at up to a decade in a federal prison, a.k.a. a maximum of five years on each count.
More from Deadline
Nothing But Joy As 'Inside Out 2' Is No. 1 Movie In Deadline's 2024 Most Valuable Blockbuster Tournament With $650M In Profit
'Moana 2' Chee-Hoos To $415M In Profit And No. 2 In 2024's Most Valuable Blockbuster Tournament
Sean "Diddy" Combs Admits Rejecting Feds' Sex Trafficking Plea Deal Just Before Trial; Jury Selection Begins Next Week
'We are pleased that this individual has been charged and has agreed to plead guilty to federal charges,' Disney said today after the DOJ made the deal with Santa Clarita-based Kramer public. 'We remain committed to working closely with law enforcement, as we did in this case, to ensure that cybercriminals are brought to justice.'
In the plea agreement, prosecutors list the severe digital restrictions Kramer will have to live under in and out of prison. The Assistant U.S. Attorneys Lauren Restrepo and Maxwell Coll, both of the Cyber and Intellectual Property Crimes Section, led prosecution also makes clear to Kramer that despite their recommendations, the 25-year-old 'understands that no one –- not the prosecutor, defendant's attorney, or the Court –- can make a binding prediction or promise regarding the sentence defendant will receive, except that it will be at or below the statutory maximum.'
Leading to the Bob Iger-run entertainment giant eventually shutting down its internal Slack system, Kramer did his damage last year by slipping into the company's data in via malicious files he created that posed as AI generated art and was downloaded by an unsuspecting Disney staffer. Gaining control of Disney staffer M.V.'s personal computer and the data on it, Kramer leapfrogged into the company's then well used and multi-channel Slack systems to grab 'approximately 1.1 terabytes of confidential data from thousands of Disney Slack channels,' according to the feds.
With chilling flashbacks to the metastatic Sony hack of 2014, the plea agreement filed Thursday states: 'In July 2024, defendant contacted M.V. via email and the online messaging platform Discord, pretending to be a member of a fake Russia-based hacktivist group called 'NullBulge.' The emails and Discord message contained threats to leak M.V.'s personal information and Disney's Slack data. One message defendant sent to M.V. on July 8, 2024, threatened that in order to 'ensure this information remains undisclosed, I need your cooperation,' and warned that if M.V. contacted anyone about the message, 'we will drop our data publicly and loudly without so much as a warning.' Defendant also threatened that this would be a 'major, major mistake' for M.V.'s 'information and career at Disney.' Another email sent to M.V. on July 12, 2024, with the subject line 'You sure that's how you want to play?', stated, in part, 'Respond, do what we want, or end up on the net. Your choice. We will not contact you again.''
Going back to at least 2019, the material that Kramer got his digital hands on included not just everything official on current Disney employees, but people who had applied for jobs there as well as career paths and executive trajectories among much more.
With at least two other individuals hacked by Kramer as well as M.V., prosecutors added in their filing today: 'On July 12, 2024, after M.V. did not respond to defendant's threats, defendant publicly released the stolen Disney Slack files, as well as M.V.'s bank, medical, and personal information on multiple online platforms. On July 14, 2024, following the leak of M.V.'s and Disney's data, M.V. received a final email from defendant, again using a NullBulge address that stated, in part, 'just wanted to check in to see if you believe us now. We are willing to take your data down, but not for free. Let us know.''
News of the hack was initially reported by the Wall Street Journal on July 15, 2024. Soon afterwards the FBI announced they were starting a probe into what happened. While this case is pretty much concluded, the Kash Patel-run FBI is still investigating what occurred with the two other people Kramer hacked
Kramer is expected to make an appearance in U.S. District Court in DTLA in the next month or so.
Best of Deadline
Brad Pitt's Apple 'F1' Movie: Everything We Know So Far
Everything We Know About 'Nine Perfect Strangers' Season 2 So Far
2025-26 Awards Season Calendar: Dates For Tonys, Emmys, Oscars & More
