Disney+ user accounts found on hacking sites2019-11-19 18:50 by Daniela
The highly anticipated Disney+ streaming service launched last week – and was promptly targeted by hackers looking to compromise users' accounts. Hackers have gained access to thousands of Disney+ user accounts, selling them for between $3 and $11, according to multiple investigations. Some people were complaining that hackers locked them out of their accounts after online thieves gained access and changed their accounts' usernames and passwords.
"It's no surprise that cybercriminals jump on the same bandwagon as everyone else when there's a big new consumer launch," Niels Schweisshelm, technical program manager at HackerOne, said via email. "The scale of fresh accounts means it's very much worth their while to invest in attempting to compromise them – cybercriminals can rely on consumers' security apathy to give them an easy win."
Disney denied any security breach on its platform.
"[We] take the privacy and security of our users' data very seriously, and there is no indication of a security breach on Disney+," a company spokesperson told CNBC.
Disney+ itself does not appear to have been hacked. Instead, Disney+ customers' credentials were stolen in other security breaches. Many people use the same email logins and passwords for multiple accounts, including the streaming service, which have been stolen during previous security breaches.
Users are advised to change their Disney+ password to something they haven't used before. Interestingly enough, two-factor authentication (the ability to only log in or access an account via two wholly separate means, such as your personal email and phone number) is currently not available on Disney Plus.
Read more -here-