Last year, Disney engineer Matthew Van Andel unknowingly downloaded malware while installing a free AI tool on his personal computer. This malware, controlled by an anti-AI activist hacker, gave attackers unrestricted access to his system for five months—allowing them to steal passwords, session cookies, and sensitive data.
Among the compromised accounts was 1Password, where Van Andel stored his logins and 2-factor authentication (2FA) keys. By stealing session cookies, the hacker was able to access Disney’s internal Slack channel, which led to a massive data leak of 44 million messages, including private customer data, employee passport numbers, and financial information.
After Van Andel reported the breach, the hacker retaliated by doxxing him, exposing his credit card details, medical history, and all stored credentials from his password manager. He was later fired from Disney, accused of violating company policies, which he denied.
What’s the lesson here?
This wasn’t a 1Password failure—the real issue was installing untrusted software, which allowed hackers to steal everything. Be sure to use hardware-based authentication (like Yubico keys) for critical accounts, and if you take one lesson away from this story, let it be this: store 2FA codes separately from your password manager. (It’s a little bit like storing your car keys in your glove compartment.) Always prioritize security over convenience.
What other topics are trending?
- 89% of enterprise GenAI usage is invisible to organizations, new report reveals: The report, published by LayerX, highlights critical vulnerabilities and reveals how unchecked AI use exposes organizations to significant risks such as data leakage and unauthorized access.
- FBI says North Korea ‘responsible’ for $1.4 billion Bybit heist: The FBI attributed the hack to a group known as TraderTraitor. Their actions resulted in the theft of more than $1.4 billion worth of Ethereum cryptocurrency.
- Over 49,000 misconfigured building access systems exposed online: Security researchers at Modat discovered 49,000 global Access Management Systems (AMS) that were not correctly configured for secure authentication, allowing anyone to access them—which could compromise privacy and physical security in critical sectors.
The Soapbox: Online conversations you don’t want to miss
Featuring insights from our Co-Founder & CTO, James Ciesielski.
Not a ‘jobs apocalypse’: As many as 41% of employers plan to use AI to replace roles
Industry take: AI replacing jobs — is it truly the end of work as we know it, or just the next phase of workplace evolution? While automation will undoubtedly reshape roles, history shows that technology often creates new opportunities alongside disruption. – Adrian Voigt, Head of Collaboration Solutions at codecentric AG
Join the conversation on Reddit.
Sneaky buggers: Malicious browser extensions impacting at least 3.2 million users
My take? If it seems like browser extensions are a hot topic in cybersecurity and a major threat to your data, that’s because they are. Ensure that your team only installs extensions from trusted developers, regularly reviews and removes unnecessary extensions, and limits permissions to the minimum required for functionality—and don’t forget to practice what you preach.
Join the conversation on Reddit.
Upcoming industry events
April 8-10, 2025 | Anaheim, California & online
Atlassian is redefining what’s possible when great teams and transformative technology come together. With over 4,000 attendees joining Team ’25 from around the world, you’ll be sure to leave with valuable insights and connections. Discover Atlassian’s cutting-edge AI solutions, hear unique perspectives fueling growth and innovation, and level up your skills.
P.S. Team Rewind will be at the conference—in fact, our CEO & Co-Founder Mike Potter will be speaking about how to safeguard Jira and Confluence data against accidental loss, outages, and AI-driven risks.
Subscribe to Retro for more!
Like what you read? Subscribe to Retro so you don’t miss any of our industry’s top stories and conversations.
Miriam Saslove">
