Man admits to hacking Disney's Slack channel and stealing 1.1TB of data

A Californian man has pleaded guilty to hacking Disney's Slack channel and stealing 1.1TB of internal company data, according to the Department of Justice (DOJ).

2

The man is 25-year-old Ryan Kramer, who operated under the alias "NullBulge," and according to the DOJ, Kramer created a malicious program in early 2025 that he promoted as an AI image generation tool on GitHub and various other platforms. The program was actually malware that enabled Kramer to gain access to a computer that downloaded the program and steal the passwords and data from the device.

The Wall Street Journal writes that one of the people who downloaded the program was Disney employee Matthew Van Andel, who had his passwords stolen from his 1Password password manager. With Van Andel's passwords, Kramer signed into Disney's Slack Channels where he began downloading data, amounting to 1.1TB of Disney's confidential company data.

The DOJ states that once Kramer acquired the stolen data, he contacted Van Andel, posing as a Russian hacktivist group called "NullBulge." Kramer told the Disney employee that if he didn't cooperate, Disney's stolen Slack data, along with Van Andel's personal information, would be published online. Kramer didn't receive a response from Van Andel, causing the hacker to publish a message on BreachForums on July 12, 2024, titled "Disney Internal Slack | 1.1TiB".

"1.1TiB of data. almost 10,000 channels, every message and file possible, dumped. Unreleased projects, raw images and code, some logins, links to internal api/ web pages, and more! Have fun sifting through it, there is a lot there," reads the forum post.

Kramer has pleaded guilty to one count of accessing a computer and obtaining information, along with one count of threatening to damage a protected computer. Both charge has a statutory maximum sentence of up to five years in federal prison.