Former Disney Employee Arrested After Hacking System to Alter Food Menus, Potentially Endangering Consumers

386/67 Friday, November 1, 2024

Scheuer, who once worked as a production manager overseeing food menus at Disney, was dismissed in June due to alleged inappropriate conduct. Following his termination, Scheuer accessed the menu creation system using his still-active account credentials. He altered the font in the entire menu database to Wingdings, rendering all text unreadable and unusable. Additionally, he is accused of modifying the QR codes on the menus to redirect users to a website promoting a boycott of Israel. Most concerningly, he removed allergen information from menu items, posing a significant health risk to consumers with food allergies. Fortunately, Disney detected the compromised menus and removed them before they reached any restaurants.

Scheuer also allegedly targeted several Disney employees by repeatedly submitting incorrect login attempts to their accounts, primarily those with whom he had prior conflicts. A search of his residence revealed the use of Mullvad VPN and other virtual tools intended to cover his tracks. Investigators also found personal data of Disney employees and a relative of one employee stored on his computer, further linking him to these attacks. After reviewing the evidence, the FBI charged Scheuer with two counts under the Computer Fraud and Abuse Act (CFAA), including unauthorized access to a protected computer system and causing damage valued over $5,000. If convicted, he could face a maximum prison sentence of up to 15 years.

Source https://www.theregister.com/2024/10/30/fired_disney_employee_hacks_menu/