It's never been proven (as far as I'm aware) that the guy was actually able to send commands to a real plane. It's no surprise that he was able to read data, because the seatback screens have to get the flight data they display from somewhere. But actually sending commands that will reach real systems is a pretty big leap.
Throwaway account to remain anonymous because these aren't nice words.
I worked with Chris Roberts for a period of time. Making things up to scare companies into dumping cash on him is kind of his 'thing'. I never once actually saw him perform any real exploits or produce anything of value except scary/funny looking powerpoints and lots of trash talk. In this case he just stepped a little bit too far with his made up scenario & nothing ever came of it.