A Santa Clarita man is headed to federal prison for one year and three months after admitting he hacked a Walt Disney Company employee’s computer, then walked off with an estimated 1.1 terabytes of internal Slack messages and files. Prosecutors say he pulled it off with a weaponized third-party program that posed as an AI image tool, grabbing login credentials from a personal device that was also linked to corporate accounts. The case, federal officials say, is a textbook warning about what can happen when unvetted code lands on machines tied to workplace systems.
How prosecutors say he did it
According to the U.S. Attorney’s Office, investigators say the defendant posted a program on GitHub and other platforms in early 2024 that was advertised as an AI art generator but secretly carried malicious code that let him remotely access victims’ computers. That file allegedly captured login information, which prosecutors say he then used to sign into a Disney employee’s Slack account and pull down non-public company files. The plea agreement notes that at least two additional victims downloaded the tainted software and likewise had their accounts or devices compromised.
What was taken and released
Investigators say that once he had access, the intruder downloaded roughly 1.1 terabytes of proprietary Disney data from thousands of private Slack channels, then went further and posted the haul online along with portions of the victim’s bank, medical and personal records. FOX 11 Los Angeles reported that the Justice Department timeline and the public leak surfaced in July 2024. Security analysts at the time seized on the episode for both the sheer size of the data grab and the use of a poisoned third-party utility as the initial way in.
Sentence and courtroom outcome
On Friday a federal judge ordered the Santa Clarita resident to serve one year and three months in prison, according to the Long Beach Press-Telegram. The outlet identifies the defendant by name and states that he is 26, matching the identity listed in court records and filings that tie him to the hacking scheme. Officials did not immediately release information about restitution or the specific terms of any supervised release that will follow the prison sentence.
Charges and legal stakes
The defendant pleaded guilty to two felony counts, one for accessing a computer and obtaining information and one for threatening to damage a protected computer, charges that each carry statutory maximum sentences of up to five years, according to the U.S. Attorney’s Office. Federal prosecutors detailed how the malware was deployed, how it opened a path into Disney’s Slack workspace, and how the stolen material eventually made its way to the public. Sentencing guidelines, combined with the court’s view of the sophistication of the method and the impact of the breach, shaped the punishment imposed this week.
Why it matters
Cybersecurity watchers have been pointing to this case as a cautionary tale about running third-party developer tools on any device that also touches corporate networks, a tactic that can quietly sidestep traditional perimeter defenses. Ars Technica and other outlets have highlighted the growing risk that malicious or compromised tools in the software supply chain can lead to high-impact breaches. For local businesses and remote workers, experts say the lesson is straightforward but not exactly convenient: keep experimental software walled off from work accounts and lean on strong endpoint protections whenever possible.
-2.webp?w=160&h=400&fit=crop&crop=edges)