Janice R. Andrews
A concerning cybersecurity breach has emerged at Disney World after a terminated employee allegedly compromised the park’s digital menu system and tampered with critical allergy information. Reports from 404 Media and Court Watch reveal that Michael Scheuer is accused of exploiting existing login credentials to infiltrate a third-party menu platform.
The alleged sabotage took multiple forms. Most alarmingly, Scheuer reportedly modified allergy warnings, including falsely marking peanut-containing items as peanut-free. The system was further vandalized with inappropriate language, price alterations, and conversion of text to Wingdings font – an unusual change that alerted staff to the breach. This disruption forced Disney to suspend menu operations for up to two weeks while restoring and securing the system.
Despite enhanced security measures, Scheuer allegedly persisted in accessing multiple FTP accounts belonging to the third-party vendor. His reported actions included redirecting QR codes to an unrelated boycott site and attempting roughly 8,000 unauthorized login attempts to Disney employee accounts.
While Disney maintains that compromised menus were caught before reaching restaurants, preventing guest exposure, this incident occurs against the backdrop of a separate case involving a doctor’s fatal allergic reaction at a Disney restaurant last year. Disney has moved to dismiss the family’s lawsuit, citing contractual obligations for alternative dispute resolution.
The incident underscores the critical intersection of digital security and guest safety in food service operations.
