A former Disney employee has been sentenced to three years in federal prison after hacking into the company’s internal systems to manipulate restaurant menus — including falsifying allergen information and inserting profane language.
Michael Scheuer, a Florida resident, pled guilty in January to charges of computer fraud and aggravated identity theft. Along with prison time, he has been ordered to pay nearly $690,000 in restitution, most of which will go to Disney.
“Mr. Scheuer remains remorseful and apologetic to his former co-workers. We are grateful the judge considered our arguments and gave a sentence that was half of what the government had sought,” his attorney, David Haas, said in a statement to CNN.
Scheuer, who previously worked as a menu production manager at Disney, was fired in June 2023 for misconduct. His role gave him access to Disney’s secure internal systems used to create and manage menus across the company’s restaurants.
After being terminated, Scheuer illegally accessed Disney’s menu servers multiple times. According to federal prosecutors, he made disruptive changes such as altering prices, inserting profanity, and dangerously modifying allergen information — for instance, labeling peanut-containing items as peanut-free, potentially endangering guests with allergies.
Fortunately, Disney detected and removed the tampered menus before they were distributed to restaurants. The company has not yet commented publicly on the case.
The complaint revealed more shocking actions. In one instance, Scheuer changed text fonts on menus to “wingdings” — a symbolic font that made menus unreadable and caused the Menu Creator system to crash. Disney was forced to take the system offline and restore operations using backups.
The U.S. Department of Justice also stated that Scheuer changed menu details to include references to locations of recent mass shootings, and deactivated employee accounts by repeatedly entering incorrect passwords. In total, at least 14 employees were locked out of their accounts, with a bot attempting over 100,000 login attempts, effectively disabling the accounts.
The DOJ described Scheuer’s actions as “computer intrusions” that caused significant disruption to Disney’s internal operations and posed a public health risk.
Leave a Reply