Home Editor's Picks Thousands of Disney+ Accounts for Sale on Hacking Forums

Thousands of Disney+ Accounts for Sale on Hacking Forums

Thousands of Disney+ Accounts for Sale on Hacking Forums
0

By Wes O’Donnell
Managing Editor of In Military, InCyberDefense and In Space News.

Disney+ is arguably the most highly anticipated media streaming platform of 2019. Yet within hours of its launch on November 12, thousands of accounts had been hacked due to users’ poor password choices.

The service, available now only in the U.S., Canada, and the Netherlands, amassed more than 10 million customers in its first 24 hours.

However, within the first day, it became clear that many Disney+ users had lost control of their accounts:

Reporting for ZDNet, Catalin Cimpanu discovered several listings for Disney+ accounts on different underground hacking forums. The going rate for a hacked account was as little as $3.

For its part, Disney claims that its platform systems have not been compromised.

The culprit? People using the same password for many different accounts.

Of course, it can be exhausting these days to maintain a unique password for each of the countless online services. But password managers take much of the pain out of registering for a new account.

How Do Hackers Gain Access?

According to ZDN Net, “hackers are armed with billions of email addresses (likely including yours) and billions of previously-used passwords. Using automated brute-forcing tools they can quickly break into accounts en masse.”

Once hackers have gained access, they tend to move quickly. They revoke access to authorized devices and then change passwords to prevent legitimate users from logging back in. They’ll change the email address associated with an account, too. That stops users from using automated password reset tools to regain access.

Get started on your cybersecurity degree at American Military University.

Multi-factor authentication helps, but Disney has yet to roll out multi-factor authentication. So the best defense starts with a strong, unique password.

To add to Disney’s woes, the streaming service was plagued by technical issues on launch day. Many users complained about long wait times in customer service chats.

If you are thinking about signing up for Disney+, consider using a password manager to create a unique password for you that is difficult to guess. If you are already a member and are using the same password on Disney+ that you use for other online services, consider changing it.

Comments

comments

tags: