Less than a week after Disney+ launched, hackers wasted no time getting into users’ accounts.
ZDNet discovered several instances of subscribers complaining online about being locked out of their account. Thousands of accounts were hacked, customers credentials were stolen and put up for sale on the dark web. The information was either offered for free on hacking forms, or was sold for prices between $3 to $11, according to the investigation by ZDNet.
BBC also reported finding hacked customer accounts on sale on the dark web.
A spokesperson for Disney told CNBC the company “takes the privacy and security of our users’ data very seriously and there is no indication of a security breach on Disney+.”
It’s likely hackers found email and password combinations re-used by Disney+ subscribers after they’d previously been stolen from other online services, the Associate Press reports.
Experts say the best way for Disney+ account holders to protect their information is to use unique passwords.
ZDNet reports this won’t prevent hackers from stealing passwords, but it will help prevent the hackers from gaining access to accounts by guessing.
Disney+ launched on Nov. 12 and costs $7 a month or $70 per year. The service is only available in the U.S., Canada and the Netherlands. It amassed more than 10 million customers within the first 24 hours.
Along with the hijacked accounts, users also experienced technical issues. Many users reported being unable to stream their favorite movies and shows.
Written by: New Generation Radio