Former Disney Employee Sentenced for Dangerous Menu Hacking and Attacks

A former Disney employee, Michael Scheuer, has been sentenced to three years in federal prison for unauthorized access and malicious alterations to Disney’s restaurant menu systems. His actions included changing allergen information, which could have posed serious health risks to patrons, and launching denial-of-service attacks to lock out other employees from their accounts.

Scheuer had legitimate access to Disney’s menu creation system during his employment. After his termination in June 2024, he exploited a shared team login to continue making unauthorized changes. These included altering allergen details in menu item descriptions while leaving separate allergen sheets untouched, potentially misleading customers about food safety.

Other tampering involved swapping menu fonts to Wingdings and replacing dish names with jokes, such as changing “Shellfish” to “Hellfish.” Disney identified and removed all altered menus before distribution, preventing any harm to customers.

In addition to menu tampering, Scheuer conducted denial-of-service attacks against fourteen employees, including those involved in his firing. He simulated thousands of incorrect login attempts to lock them out of their accounts. Authorities also found him outside one employee’s home during an FBI search, underscoring the severity of his actions.

Scheuer’s defense cited mental health struggles, including a panic attack and difficulties obtaining accommodations, as motivation for his actions. However, federal prosecutors highlighted that some alterations were made discreetly to avoid detection, indicating intent to cause harm or disruption.

This case underscores the critical importance of robust cybersecurity measures and access controls within organizations, especially to prevent insider threats that can compromise customer safety and business operations. It also highlights the need for companies to address employee mental health proactively to mitigate risks.

Key Takeaways for Businesses

• Implement strict access controls and regularly update login credentials to prevent unauthorized use of shared accounts.
• Monitor systems for unusual activity such as unauthorized menu changes or repeated failed login attempts.
• Develop clear protocols for addressing employee grievances and mental health to reduce insider risk factors.
• Ensure rapid response capabilities to identify and mitigate denial-of-service attacks and other cyber threats.

The Disney menu hacking incident serves as a cautionary tale about the dangers of insider cyber threats and the necessity of comprehensive cybersecurity strategies. Organizations must balance employee support with stringent security protocols to protect both their customers and their brand reputation.