Some accounts of Disney + in the United States and in other countries they will have been hacked and They are offered for sale on the Dark Web for only $ 3, or even offered for free. Some people apparently lost access because someone else has changed their email address and registration password.
Disney currently denies any security breach. Users may be reusing passwords or being spied on by keyloggers. ZDNet has discovered thousands of accounts offered for free in pirate forums, or they sell for between $ 3 and $ 11.
The official subscription costs US $ 6 per month in the United States. In some cases, an attacker will log in, disconnect from all devices and change the email and password. In others, the account is only shared, something allowed by Disney's new streaming service, without changing the data.
Disney declares in a statement to the BBC that "it takes the privacy and security of our users' data very seriously and there is no evidence of a security breach at Disney +."
Some people really reused passwords, others say they had unique passwords for their Disney + accounts, but they were changed without their consent.
LastPass Save your passwords securely
Disney + and Netflix have no two-factor authentication
With these complaints Disney will be forced to implement two-factor authentication to avoid these inconveniences again. Netflix also does not offer this security feature that requires an additional code via SMS or through an app to log in, Telegram for example has this type of authentication.
In the case of Disney + the situation is more urgent because lThe credentials are used for other services such as amusement parks, Disney Vacation Club and Disney Store. Customers have supposedly been waiting for hours on the phone or in the chat, sometimes without having their account access restored.
The company explains that the problem was not with Amazon, which provides the cloud platform, but with the architecture of the application: "There were some boundaries in the architecture and they became visible, but they weren't there before."