Barely hours into its launch, thousands of Disney+ accounts were hacked and put up for sale on the Dark Web, reveals an investigation done by tech website ZDNet.
Disney+, Disney’s much-awaited streaming service, which was launched on November 12 in the U.S., Canada, and the Netherlands, gathered more than 10 million subscribers within 24 hours of its launch.
Many Disney+ account users complained of facing technical difficulties within hours of its launch caused due to high volume of subscribers than expected. Not just this, there were also reports from some users being locked out of their accounts, as their usernames and passwords were changed by hackers.
Angry users took to social media platforms like Twitter and Reddit to express their plight.
DISNEY+ HAS BEEN OPEN FOR LIKE 10 HOURS AND MY ACCOUNT HAS ALREADY BEEN HACKED pic.twitter.com/YBv6CfwTlh
— brandon ?·?·? (@brandoncult) November 12, 2019
#distwitter has anyone’s @disneyplus account been hacked? My friend’s was; hackers changed email and password. Now she’s completely blocked from her 3-year prepaid Disney+ account. She’s been on hold for >2 hours
— cat+dog=happyhome (@Travel4vr) November 12, 2019
Not even been half of a week and my dad’s Disney+ account has ALREADY been hacked.
Great security there @disneyplus @Disney. Unbelievable. #DisneyPlus
— Jesse (@CommandrBlitzer) November 15, 2019
While two users on condition of anonymity told ZDNet that they had reused passwords for their Disney+ accounts, other users said they had used strong and unique passwords for their accounts.
This means that hackers may have either used email and password combos leaked at other sites to gain access to the accounts, or they may have obtained the Disney+ credentials with the help of keylogging or information-stealing malware.
Thousands of stolen Disney+ accounts were put up for sale on hacking websites for as low as $3 and as high as $11 (the service itself costs $6.99 a month) depending on the pre-paid period. In fact, some accounts were offered for free revealed ZDNet’s investigation.
“However, in our search for ads on various hacking forums, we also came across several lists of Disney+ account credentials being offered for free, to be shared and used by the hacker community (Disney+ allows account sharing), ” ZDNet reported.
Disney has not yet commented on the matter.
This is the not first time that hackers have put up stolen user credentials of streaming services on the Dark Web. They have been selling Amazon Prime, Hulu, and Netflix user credentials online for years.
To prevent your account from being hacked, it is recommended that you use a strong and unique password for every site to avoid hackers gaining access to your accounts. Also, avoid clicking on links sent in emails from unauthorized and illegal Disney+ address.
