Hackers did not waste any time hacking and selling Disney+ account information.
Disney+ launched on November 12 in the United States, Canada, and the Netherlands. Astonishingly, the service had already obtained 10 million customers in the first 24 hours.
With millions of people creating accounts and watching new content, it did not take long for hackers to get into thousands of accounts, steal personal information like usernames and passwords, and then give away or sell that information on hacking forums.
Users reported receiving emails that their account information was changed and then could not access their account, essentially locking them out of the Disney+ service.
Some users have admitted that they use the same login/password combinations for Disney+ as they do for their other accounts. This leads us to believe hackers are simply using known email/password combinations to gain access.
Other users have said that they have unique passwords, which means it is likely hackers are getting credentials from information-stealing malware.
Accounts were put up for sale on hacking forums within hours of launch, selling for anywhere from $3 to $11 per account.
Many accounts were just posted for free, allowing others to grab that information without paying and use it to watch the service. Since the service can be downloaded onto 10 devices per account and 4 devices can watch at the same time, this allows people to freeload off paid users.
Talk about frustrating.
We advise that if you have a Disney+ account you take some measures to help protect your account from hackers.
First, create passwords that are complicated. Use capital letters, lowercase letters, numbers, special characters, and unique phrases.
Second, you should never share your login credentials with others. I know this can be hard because you want to spread the Disney+ love, but this is really in your best interest.
Have you had any suspicious activity on your Disney+ account? We hope no one in the KtP crew falls victim to hackers.