A former Disney employee's life was ruined after he innocently downloaded an AI photo app.
Matthew Van Andel downloaded free software from the code-sharing site GitHub. He innocently believed the technology was nothing more than helping him create AI images from text prompts.
However, the software contained malware that compromised his personal data.
Advert
A few months later, the engineer received a message on the chat forum Discord from an unknown account.
The sender seemed to know specific personal details about Van Andel's life - the kind that would only have been available by accessing Disney's workplace Slack chat. It turned out that by downloading the app, the hackers had compromised Disney’s internal communications and accessed confidential employee data.
The hackers demanded that the 42-year-old comply with their instructions or they would leak his personal information online.
Advert
As the engineer raced to reset his various passwords, the hackers followed through on their threat.
Consequently, his Social Security number, Disney login credentials, login information for his home Ring cameras, and even details about his children’s Roblox accounts were all made public.
“It’s impossible to convey the sense of violation,” Van Andel, 42, of La Crescenta, California stated.
The aftermath was pretty devastating for Van Andel. He suffered from panic attacks, sleepless nights and relentless harassment on his social media.
Advert
To make matters worse, he lost his job at Disney after an internal forensic investigation claimed to have found evidence of adult content on his work computer. Van Andel's health insurance was also terminated and he lost about $200,000 in bonuses, according to the Wall Street Journal.
The attack was part of a broader breach carried out by a hacking group calling itself Nullbulge.
The group infiltrated Disney’s Slack system and leaked over a terabyte of confidential data, including employee records, computer code, Disney technologies and details about unreleased ad projects.
Advert
Nullbulge reportedly told reporters that it carried out the attack due to 'how [Disney] handles artist contracts, its approach to AI, and its pretty blatant disregard for the consumer.'
However, cybersecurity experts believe the attack was more likely an individual attacker using malware to steal data for personal gain.
“When the hacker made their presence known and tried to extort our brother for additional information, he instead went directly to the authorities and put himself, his family and his reputation at risk to protect his employer,” Van Andel's family wrote on a GoFundMe page.
“The hacker retaliated over his unwillingness to comply by publicly releasing personal information and attempting to make an example of him so that the next victim would comply with their sadistic demands.”
Advert
The impact of the attack continues. Even months after the breach, Van Andel said he still faces security threats, with regular attempts to access his private accounts.