Disney Worker Downloads Free AI Tool—Loses Job And $200,000 Bonuses

In July, five months after the download, he received a message from a stranger.

Matthew Van Andel was fired from Disney after the free AI tool he downloaded gave hackers access to his personal information

Image credits: GoFundMe

The message, sent via Discord, read, “I have gained access to certain sensitive information related to your personal and professional life.”

Van Andel grew worried when he realized the stranger knew details about his life he hadn’t shared with anyone else outside of work, including messages sent privately on the workplace communication tool Slack about his lunch.

When he went to the police and cut off their access, 44 million Disney messages were made public.

These contained information about the company’s theme park and streaming revenue, private customer information, and employee passport numbers.

The criminal group also stole his credit card data and shared his social security number as well as login information to access his security cameras at home.

Van Andel reportedly lost control of his social media accounts, which became filled with obscene language.

The hacker told the victim that he was part of NullBulge, a Russian collective of “hacktivists” that supports the rights of artists and opposes the use of artificial intelligence. However, some suspect he was an American working alone.

Van Andel downloaded the software on the code-sharing site GitHub

The hackers alleged online that they had received help from a man “on the inside.”

“The user was aware we had them, he tried to kick us out once but let us walk right back in before the second time,” they said in an email to CNN.

“Disney was our target due to how it handles artist contracts, its approach to AI, and its pretty blatant disregard for the consumer.”

“If we said, ‘Hello Disney, we have all your Slack data,’ they would instantly lock down and try to take us out. In a duel, you better fire first.”

As a result of the attack, Van Andel was fired from Disney after forensic analysis of his work computer found he had accessed p*rnographic content, which he denies.

“Mr. Van Andel’s claim that he did not engage in the misconduct that led to his termination is firmly refuted by the company’s review of his company-issued device,” a spokesperson for Disney recently told the Wall Street Journal.

The victim said that his health insurance was terminated following the cyberattack, and he lost $200,000 in bonuses.

Van Andel’s sister, Christa Maier, shared: “It was a tool that they had initially downloaded just to have fun with the children. But it was polluted with something, and this would not become apparent until many months later when they were mining data.”

When the engineer cut off the hackers’ access, they retaliated by sharing 44 million Disney messages

According to Christa, the hackers’ motivations were not ideological but financial.

“They initially started stealing a lot of credit card data and banking information — the normal things.

“But then they realized where he worked, and they were like, ‘We can have some additional fun with this.'”

Van Andel and his family set up a GoFundMe page following the attack to cover his legal fees and loss of income.

Van Andel reportedly lost $200,000 in bonuses and had his credit card data stolen

“This criminal has taken the most extreme measures to destroy his career, his finances, his reputation, and every aspect of his personal well-being,” the page description reads. 

“The extent of these malicious acts, which are continuing to unfold, affect the life and security of not only himself but those of his family and two young children.

“We are hoping we can raise enough to ensure he can continue to undo the damage that was caused and help alleviate the financial stress the family is faced with navigating during this very difficult time out of no fault of their own.”

People reacted to the former Disney employee’s decision to download free software