Disney Releases Statement On Disney+ Hacking

202

There has been many reports that Disney+ has been hacked due to many users having their account information shared on the dark web.

Disney has addressed these concerns by providing the following comment to Deadline.

“We have found no evidence of a security breach. Billions of usernames and passwords leaked from previous breaches at other companies, pre-dating the launch of Disney+, are being sold on the web. We continuously audit our security systems and when we find an attempted suspicious login we proactively lock the associated user account and direct the user to select a new password. We have seen a very small percentage of users in this situation and encourage any users who are having these kind of issues to reach out to our customer support so we can help them.”

Some Disney+ users are reporting on Social Media that their accounts are showing unauthorized user profiles. These users are sharing that when they have logged into their accounts, they are seeing strange names and additional profiles that have been created and added to their account.

Disney+ accounts may have been hacked as a result of spam email messages tricking users to provide their login info, allowing hackers to sell this information. Other techniques by hackers include trying hacked usernames and passwords from other steaming services and seeing if they work on Disney+.

Hackers are sending emails to Disney+ customers stating that they’re account is locked until they enter a credit card or their login information. Once customers have done this, their information is stolen. 

Currently, you can find Disney+ accounts as low as $5 per year on hacking forums.

While this isn’t Disney’s fault directly, they can absolutely do better. Disney should have an option to enable, an industry standard, two factor authentication for all Disney+ accounts. It would also be very useful if Disney would allow us to see which devices are using Disney+ with an option to force all users out.

This is a reminder that you should always be using a unique password for every website you sign up with. Check that emails are actually from Disney and not somebody pretending to be Disney.

Leave a Reply