Disney Plus Targeted By Cyber Criminals, Thousands of Accounts Hacked And Sold
Disney Plus, Disney’s new video-on-demand streaming service, debuted on 12th November. However, it has been affected by a security breach.
Disney launched its video-on-demand streaming service on 12th November 2019. However, due to high demand for its popular collection of TV shows and movies, the Disney servers faced a crash. 10 million customers signed up for the service within 24 hours but are now waiting for customer support from the company via telephone and online chat. Following this, reports started circulating that many users accounts had also been hacked. Disney did not confirm these reports. In a statement shared with The Washington Post via email, the company said, "Disney takes the privacy and security of our users' data very seriously and there is no indication of a security breach on Disney+."
Disney plus. Credit Jason Reed/The Daily Dot
However, as per reports by several media outlets, many accounts have been hacked by cyber criminals, who have changed login credentials and locked out owners. These compromised accounts are now being sold over the internet, for $3-11 or offered for free, while the Disney+ subscription costs around $7. These reports are also reminding people to secure their online accounts by creating strong passwords. Users are concerned because some of them use the same password to access other Disney services as well.
Disney Plus homescreen
The BBC reported that it had, with the help of a cyber-security researcher, found a few hacked customer accounts for sale on the dark web. The report quoted Jason Hill, a lead researcher with CyberInt, who said hackers can steal someone's password from a different site and then try it on a new site, like Disney+, as many people use the same passwords on different sites. He suggested that people use password managers to avoid this problem, saying, “Whilst many may consider having a unique password for each online service to be difficult to manage, password managers simplify this process and allow you to generate and securely store unique difficult-to-guess passwords."