A former Disney employee, Michael Scheuer, will serve three years in prison for computer fraud and aggravated identity theft after a digital sabotage campaign against his ex-employer. In addition to his sentence, he must pay nearly US$688,000 in restitution.
Scheuer, a former menu production manager at Walt Disney World, launched his campaign after being fired for misconduct in June 2024. He broke into the internal menu creation system for Disney park restaurants, falsely labeling certain foods as allergy-safe when they weren’t. This included changing items with peanuts to be listed as peanut-free, which could be fatal for individuals with peanut allergies. In some cases, he altered wine region labels to reference locations of recent mass shootings.
He also tampered with prices, inserted profanity, switched QR codes to link to a site promoting a boycott of Israel over its invasion of Gaza, and changed the menu font to Wingdings — a symbol-based typeface instead of standard letters and numbers.
Fortunately, Disney detected the changes before they reached customers.
Scheuer didn’t stop with menu manipulation. He deployed a bot to repeatedly try logging into at least 14 employee accounts, locking out staff and rendering the accounts unusable. Investigators later found a “dox” folder on his computer, containing personal identifiable information (PII) of his targets. “Doxing” — also spelled “doxxing” — refers to collecting and exposing someone’s personal information to intimidate, shame, or harass them.
After authorities arrested Scheuer in October 2024, he pleaded guilty and expressed remorse. However, prosecutors pushed for a 70-month sentence due to the scope and seriousness of his actions.
Scheuer’s lawyer David Haas said:
“Mr. Scheuer remains remorseful and apologetic to the victims. We are grateful that the Judge heard all of our arguments and mitigation when fashioning a sentence that was half of what the Government was seeking.”
Several cybersecurity mistakes were made both sides of this conflict.
- Disney should have disabled the accounts used by the disgruntled ex-employee, especially when the company was aware his termination was contentious.
- While Scheuer used a VPN, the range of his IP addresses was in the same range as when he still worked for Disney and used the same VPN.
- The use of Wingdings messed up the menu system so bad that the Menu Creator became inoperable and the action was bound to be found out.
- Changing menu items to falsely claim there are no peanuts in them could have had fatal consequences.
We don’t just report on threats – we help safeguard your entire digital identity
Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.
