A Santa Clarita man has agreed to plead guilty to hacking the personal computer of an employee of The Walt Disney Company last year to illegally download confidential data from the Burbank-based company, officials announced Thursday.
Want to get caught up on what's happening in SoCal every weekday afternoon? Click to follow The L.A. Local wherever you get podcasts.
Ryan Mitchell Kramer, 25, will enter his plea on a future date to federal counts of accessing a computer and obtaining information, and threatening to damage a protected computer. The charges each carry a sentence of up to five years in federal prison, according to the U.S. Attorney's Office.
Kramer is expected to make his initial appearance in U.S. District Court in downtown Los Angeles in the coming weeks.
According to his plea agreement, Kramer posted a computer program early last year on various online platforms, including GitHub, that purportedly could be used to create artificial intelligence-generated art. In fact, the program contained a malicious file that enabled Kramer to gain access to victims' computers, prosecutors said.
Sometime in April and May of 2024, a victim downloaded the malicious file Kramer posted online, giving Kramer access to the victim's personal computer, including an online account where the victim stored login credentials and passwords for the victim's personal and work accounts.
After gaining unauthorized access to the victim's computer and online accounts, Kramer accessed a Slack online communications account that the victim used as a Disney employee, gaining access to non-public Disney Slack channels. In May 2024, Kramer downloaded about 1.1 terabytes of confidential data from thousands of Disney Slack channels, according to the plea agreement.
In July 2024, Kramer contacted the victim via email and the online messaging platform Discord, pretending to be a member of a fake Russia-based hacktivist group called "NullBulge." The emails and Discord message contained threats to leak the victim's personal information and Disney data, court papers show.
On July 12, 2024, after the victim did not respond to Kramer's threats, Kramer publicly released the stolen Disney Slack files, as well as the victim's bank, medical, and personal information on multiple online platforms, he admitted.
Kramer further admitted in his plea agreement that, in addition to the victim, at least two other victims downloaded Kramer's malicious file, and that Kramer was able to gain unauthorized access to their computers and accounts.
Follow KNX News 97.1 FM
