A disgruntled ex-Disney employee was caught hacking into the company's restaurant software and removing deadly peanut allergy warnings on certain menu items – threatening the health and safety of millions of Disney resort guests, the FBI said.
It all started when the alleged perpetrator, Michael Scheuer, was “contentiously” fired from his job on June 13th, due to “misconduct.”
Once fired, Scheuer is said to have gone on a three-month hacking spree, not only manipulating a menu software program, but carrying out DoS attacks on Disney personnel accounts of his former fellow employees, and in one instance, actually stalking one of those workers’ homes.
Scheuer was responsible for the fraudulent “creation and publishing of menus” for the entire Walt Disney Resort restaurant portfolio, according to a federal criminal complaint filed in Orlando, Florida earlier this month.
The FBI’s October 23rd complaint charges Scheuer – job title “Menu Production Manager” – hacked into Disney’s restaurant menu software, and actually changed food allergen descriptions, so that dishes containing certain deadly allergens, such as peanuts, would appear to be safe for guests to eat when they were not.
Besides the threat to public safety, Scheuer was reported to have changed all of the application’s fonts to ‘wingdings’ – a series of ‘dingbat’ fonts depicting letters as symbols – and peppered the menus with profanity.
What’s more, Scheuer, who was able to make the changes by creating a fake administrator account, even altered the menu’s coinciding digital QR codes, which when scanned, directed customers to a miscellaneous website that read “boycottisrael-dot-org.”
All of the changes had rendered the menu software inoperable for several weeks, the FBI said.
Fortunately, although the altered menus were printed, Disney was able to intercept them before they were shipped out to restaurants, avoiding a major health mishap, according to the Tampa FBI special agent tasked with providing details of the case.
Chilling 'dox' folder kept on coworkers
When interviewed by the FBI, Disney employees revealed that Scheuer “had intimate knowledge of the system architecture, the menu processing workflow, and potential vulnerabilities within the system,” the legal filing said.
Scheuer, who was said to have kept a “dox” folder of his former co-workers, further used his “unauthorized access” to perform multiple denial-of-service (DoS) attacks on individual personnel accounts of certain employees.
The dox folder, focusing on four specific victims, was said to be chock full of personally identifiable information (PII), including “phone numbers, email addresses, physical addresses, family members and relatives, jobs and education, social media, and asset information.”
The ex-worker was also said to have “developed a script to perform automated logon [sic] attempts” and was clocked with over 100,000 attempted logins on at least 14 victim accounts, including the original four, apparently the cause of Scheuer’s firing.
“The DoS attack initially targeted employees involved in Scheuer’s termination; it then progressed to his former, immediate co-workers; and it then progressed to others,” the FBI said.
According to the 26-page filing, the nefarious activities were witnessed taking place between mid-June and late-September of this year.
In October, the FBI had obtained a search warrant from Google to examine his account.
The FBI said Scheuer, once aware of the warrant by Google, was seen outside of at least one of the DoS victim’s residences during the night, recorded by the victim’s Ring doorbell.
Based on the evidence, all the attacks are believed to have taken place at Scheuer's residence using at least three virtual servers, found on his personal desktop confiscated by FBI agents.
Damages were estimated to be at least $150,000.
Your email address will not be published. Required fields are markedmarked