Disney fires hacked employee…

Security Awareness
22 April 2025

When feeling like an expert makes you let your guard down too much!

Playing with fire gets you burned.
It sounds like a classic grandmother’s warning, yet that is exactly what can happen if we get too close to technology, and artificial intelligence in particular, without due caution. Moreover, being tech-savvy may not be enough to keep us safe from nasty surprises. In fact, overconfidence sometimes plays even more unexpected tricks.

That’s what happened to a Disney employee, Matthew Van Andel, nicknamed the Dutchman by many, a very serious guy with a keen interest in technology and the field of artificial intelligence, who was fired after his company computer was compromised following the installation of an unauthorized artificial intelligence tool.

What happened

The incident dates back to July 2024 when Van Andel, who was a sort of mid-level technology manager for Disney, inadvertently caused a major corporate data breach by downloading an AI image generation tool from GitHub, a Microsoft-owned website popular with software developers.

Although the software looked harmless, it contained infostealer malware that compromised his computer over a period of five months. It also allowed hackers to gain access to Van Andel’s 1Password password manager, stealing his credentials and opening the way into Disney’s internal systems.

Using the stolen credentials, cyber criminals were able to access a wide range of sensitive data within the company’s systems. Among the data leaked was customer information, employee passport numbers, and financial details related to Disney’s theme parks and streaming services.

Disney’s information security department detected the intrusion during a routine check of system logs, identifying suspicious traffic coming from the employee’s workstation. At that point, an internal investigation was launched that reconstructed the chain of events, linking the hacker attack to the installation of the unauthorized software.

Disney immediately isolated the compromised computer, terminated all of the employee’s access to company systems, and initiated containment protocols to limit the damage. After completing the investigation, the company decided to proceed with the employee’s termination, considering the violation of IT security policies to be a serious breach that had put the entire corporate infrastructure at risk.

In addition, the incident did not stop at the consequences for the company: it also compromised the victim’s personal life.

Indeed, Van Andel realized he had been hacked when, on a day in July 2024, he received a message referring to a business lunch that had taken place the day before, with specific details that only those present at the lunch would know. At the same time, strange things were happening to his bank accounts, credit cards, and other aspects of his private life, which Matthew saw posted on the Internet, as in the worst of nightmares.

The implications for corporate security

This incident highlights, once again, the growing threat posed by targeted cyber attacks that use seemingly legitimate software as Trojan horses. Artificial intelligence tools are particularly attractive as bait because they promise substantial efficiency gains and are perceived as cutting-edge technologies by many professionals eager to remain competitive.

Large companies like Disney are particularly coveted targets for cyber criminals because of the value of the data they hold. The intellectual property of films not yet released, projects under development, or marketing strategies can be worth millions of dollars on the black market. For this reason, such organizations invest heavily in security systems and procedures.

The case highlights the difficult balance companies must strike between encouraging innovation and keeping their digital assets secure. While companies recognize the value of artificial intelligence tools in improving productivity and creativity and often incentivize employees to use them, they are well aware that these same tools, if not properly evaluated and protected, can pose a significant risk.

The right prevention

Continued upgrades in technology underscore the importance of a comprehensive approach to cybersecurity that goes beyond simple technological barriers. The Disney incident once again highlights the vulnerability of the human factor. Even a target who is comfortable with technology, as Matthew Van Andel was, can fall victim to an attack precisely because, being human, he or she will still have a weakness that criminals can exploit.

Employee training has therefore become a mandatory investment if you want to safeguard your company from such incidents. But not all training is the same, and choosing the right training platform can make a substantial difference.

The goal is to build a solid security culture without stifling business innovation, which is also necessary. The only way, then, is to choose the right training method, one that brings all these elements together and keeps employees progressively up to date with continuous technological innovation through tools that are fun, engaging, targeted to personal needs and that, above all, guarantee practical exercises. Indeed, employees must always be trained to intercept a possible attack and stop it before it can do any damage.
