In a shocking turn of events, a former employee of the world-renowned Disney World resort is pleading guilty to a series of cybercrimes. The former staff member hacked into the resort’s menu system, causing a series of disturbing alterations.
Former Employee Pleads Guilty
Michael Scheuer, the individual in question, has admitted guilt to two charges linked to his cybercrimes. Firstly, he is accused of transmitting a program, information, code, and command with the intent to cause damage without authorization to a protected computer resulting in at least $5,000 in damages in a year. This charge alone carries a maximum sentence of 10 years in prison and a maximum fine of $250,000. Secondly, Scheuer has pleaded guilty to aggravated identity theft. His attorney, David Haas, has not yet disclosed a sentencing date.
Details of the Cyber Attack
According to the plea agreement, Scheuer committed various acts of cyber vandalism. He renamed wine regions on the drink menus after recent mass shootings and affixed a swastika image on a different menu. He also altered the QR digital menu codes to direct people to a controversial website, boycott.israel.org. Additionally, some menu backgrounds and images were tampered with, making the documents appear blank. However, Disney managed to catch these alterations before the menus were distributed to the public.
Potential Danger and Impact
The plea agreement also revealed that Scheuer even tampered with food allergy information on the menu, which had the potential to result in deadly consequences. The allergen alterations were specifically made on items containing peanuts, tree nuts, shellfish, and milk. While Disney managed to catch these changes before any harm was done, the menu system was down for days, significantly impacting one of the biggest tourism attractions in the world.
As a result of this cyber attack, nearly every menu in the system was affected. Scheuer also leaked the creator URL he used to commit the cyberattack and the Menu Creator login information for numerous accounts on the dark web. According to the criminal complaint, authorities have stated that Scheuer hacked into Menu Creator, a third-party Minnesota company that creates menus for Disney World restaurants only.
Scheuer was previously employed as a menu production manager before he was dismissed on June 13 due to misconduct. Disney World has yet to comment on the incident.
This shocking incident serves as a reminder of the importance of cybersecurity in all sectors. It also highlights the potential danger that can result from such breaches, particularly in industries such as hospitality where changes to things like food allergy information can have severe consequences.
