Ex-Disney Staffer Charged For Dangerous Menu Hacks - 1

Image by Freepik

Ex-Disney Staffer Charged For Dangerous Menu Hacks

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

In a Rush? Here are the Quick Facts!

  • Scheuer altered menus, removing allergen info and changing fonts to Wingdings.
  • Scheuer faces charges under the Computer Fraud and Abuse Act.
  • He could face up to 15 years in prison if convicted.

A former Disney employee, Michael Scheuer, has been arrested and charged with hacking the company’s systems to alter restaurant menus, potentially endangering patrons’ health, as reported on Wednesday by The Register .

The complaint against Scheuer indicates that shortly after his firing, he exploited still-active work credentials to access a menu creation system contracted by Disney.

By July, he had changed all font characters to Wingdings symbols, rendering the menus unusable and knocking the system offline for weeks. The complaint detailed that when the system attempted to retrieve the original font, it instead pulled the altered files, which propagated throughout the entire database, as noted by The Register.

In addition to the font changes, Scheuer allegedly downloaded menus awaiting printing and redirected QR codes to a site urging users to boycott Israel.

Most alarmingly, he is accused of removing allergen information from menus, falsely suggesting that certain foods were safe for those with allergies. Disney reportedly identified and isolated these altered menus before they could reach restaurants, noted The Register.

The complaint further alleges that Scheuer conducted denial-of-service attacks against Disney employees by creating a script that bombarded login pages with incorrect attempts.

Investigators discovered that he had tried to cover his tracks using the Mullvad VPN, but records revealed connections to his work account. His computer also contained virtual machines with evidence linking them to the attacks, noted The Register.

Crucially, personal information of the Disney employees targeted in the attacks was found on Scheuer’s computer, including details belonging to one employee’s relative. Following a tip-off from the FBI regarding a search warrant for his Google account, Scheuer reportedly appeared at the victim’s home, said The Register.

The FBI has charged Scheuer with two violations of the CFAA for knowingly transmitting harmful programs and causing significant damage. If convicted, he could face up to 15 years in prison, noted The Register.

Currently, he remains in custody pending a bond hearing, with no date set for that proceeding. Disney has not commented on the case, said The Register.

Italian Hacking Scandal: Four Arrested, Sixty Under Investigation - 2

Image by DC Studio, from Freepik

Italian Hacking Scandal: Four Arrested, Sixty Under Investigation

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

In a Rush? Here are the Quick Facts!

  • Nunzio Samuele Calamucci allegedly infiltrated a national security database from Milan.
  • The hacking group used confidential data for extortion and manipulation.
  • Calamucci claimed links to Israeli intelligence in intercepted conversations.

Operating from a modest room behind Milan’s iconic Duomo cathedral, 44-year-old IT consultant Nunzio Samuele Calamucci allegedly orchestrated a multi-year infiltration of a national security database, as detailed in a recent 518-page judicial document reviewed by POLITICO .

The breach was run by a private investigations firm named Equalize, led by former high-ranking police officer Carmine Gallo, under the guidance of Enrico Pazzali, president of Fondazione Fiera Milano, an Italian trade fair operator.

In intercepted conversations, Calamucci, who worked for Equalize, reportedly claimed to have hacked the data of 800,000 individuals, as reported by The Verge .

The hackers believed they could “outsmart” all of Italy with their dossier factory, created by accessing significant databases and using confidential information, sometimes disguising it as “news reports,” according to local press ( TG24 ).

They produced reports for money and engaged in extortion or blackmail, aiming to influence key sectors, particularly politics and business, noted TG24.

As of Tuesday morning, four individuals have been arrested, and 60 others are under investigation. An investigating judge is set to review the allegations, which include conspiracy to commit hacking, corruption, illegal access to data, and the violation of official secrets, according to POLITICO.

Calamucci, who previously claimed to have breached the Pentagon as part of the Anonymous hacktivist collective, allegedly led a team of software engineers developing and managing databases for Italy’s Interior Ministry while working remotely, as noted by POLITICO.

During nighttime hours, when server traffic slowed, the group downloaded vast amounts of private data belonging to thousands of Italians, including President Sergio Mattarella and former Prime Minister Matteo Renzi, also reported by POLITICO.

In the ongoing investigation led by the Anti-Mafia and Anti-Terrorism Directorate (DDA) in Milan, Calamucci revealed alarming details about a proposed collaboration with individuals linked to Israeli intelligence, according to TG24.

A report from the Carabinieri’s Investigative Unit in Varese confirmed that previous operations had generated €40,000 for their group, with a contract worth €1 million reportedly on the table, noted local press ( Rai News ).

During an intercepted conversation, Rai News reported that Calamucci stated, “Half of the data went to the Vatican; the other half is needed to combat Wagner!” Investigators noted that Calamucci offered to provide sensitive information from national strategic databases in exchange for payment.

He indicated that Israeli agents were interested in a partnership involving intelligence activities related to Eni S.p.A., a major Italian multinational oil and gas company, according to Rai News.

The DDA’s prosecutor, Francesco De Tommasi, outlined that the group associated with Equalize operates with a “cluster structure,” with each member connected to law enforcement and public administrations for illicit data acquisition, as reported by TG24.

High-profile figures implicated in the investigation include Pierfrancesco Barletta, a former minority partner at Equalize and ex-vice president of SEA (Milan airports). He has suspended himself from his position pending clarification of the charges against him, according to Rai News.

As the investigation unfolds, the ramifications extend beyond the individuals involved, potentially impacting various sectors of Italian society.

The security breach has become a national scandal, shaking the political establishment and placing the government under pressure for a parliamentary inquiry and a reevaluation of its security policies.