The Likely Reason Disney+ Accounts Are Getting 'Hacked'

The Likely Reason Disney+ Accounts Are Getting 'Hacked'

The reports came just a few days after Disney+ launched: Thousands of the streaming service accounts were already up for sale on various hacking forums, at bargain prices. As of Wednesday, new victims were still taking to Twitter and other venues to express their frustration that their accounts had been taken over. What’s happening almost certainly isn’t a hack in the way you’d normally think of it. Instead, it appears to be a classic—and regrettable—case of what’s known as credential stuffing.


As ZDNet first reported, compromised Disney+ accounts could be found on the dark web for as much as $11 a pop, or as little as, well, free. (Disney+ itself costs $7 per month, or less for a full-year plan.)


Disney rejects any suggestion that its systems have been hacked. “We have found no evidence of a security breach,” the company said in a statement. “We continuously audit our security systems and when we find an attempted suspicious login we proactively lock the associated user account and direct the user to select a new password.”

Taking megacorporations at their word, especially regarding cybersecurity issues, is rarely advisable, but in this case you don’t have to, because the simpler explanation is almost certainly the correct one.


“It certainly sounds like credential stuffing,” says Troy Hunt, founder the website Have I Been Pwned, a repository of the billions of accounts that ..

Support the originator by clicking the read the rest link below.