Disney+ faced some launch day snags on its opening day last week, as a heavy influx of users hit the service, causing them to overwhelm the streaming service’s servers. Now, the services popularity has lead to the service’s users being faced with having their login credential stolen and sold on the internet.
ZDNet reports that number of users have complained that they are either unable to access their Disney+ account, or that unauthorized users had accessed their account. In some cases, users found that their devices had been logged out of the service and that the account’s email address and password had been changed, locking them out.
Account credentials began showing up for sale on hacking forums, running anywhere from $3 to $11, and were also being sold on the dark web. The prices seem a bit high for a subscription that goes for $6.99 per month, but okay. Perhaps the accounts were of the 1-year or 3-year pre-paid variety.
Disney has yet to confirm or comment on the issue, but the issue might not be due to a site breach, but instead be due to poor password management by users. A search by the BBC on Monday revealed that 4,000+ customer accounts were bring sold on one site, which is a fraction of the hundreds of thousands of accounts usually resulting from a site breach.
The small number of affected accounts could be caused by hackers going through lists of earlier breaches to acquire login information from those breaches, and trying each one until a combination allowed access to Disney+.
We strongly recommend the creation of unique logins and passwords for each website you use, to prevent the use of one login across numerous accounts. By making use of the various password management apps that are currently available on most computing platforms, or even the password management and creation abilities of most browsers, users can prevent such an issue from affecting their accounts.
By the way, if your account was one of the affected Disney+ accounts, good luck explaining to your 6-year-old why she can’t watch Frozen for the 4,793rd time.