Some Disney+ customers are having trouble logging into their accounts, complaining on social media that their accounts have been compromised. Unfortunately, Within hours of the streaming service’s roll out last week, hackers commandeered user accounts: locking out owners, changing log-in credentials and, in many cases, selling them for as little as $3 apiece, a ZDNet investigation revealed.
Hackers have gained access to thousands of Disney+ user accounts, selling them for between $3 and $11, according to multiple investigations. Some people were complaining that hackers locked them out of their accounts after online thieves gained access and changed their accounts’ usernames and passwords.
It’s been discovered by ZDNet that compromised accounts are cropping up on hacking forums all over the Internet, selling for $3 to $11 apiece. A Disney Plus subscription costs $7 a month. On certain hacking forums, ZDNet found Disney Plus credentials being offered free.
Disney said in a statement that there is “no indication of a security breach on Disney+” and that it takes “users’ data very seriously.”
Disney+ itself does not appear to have been hacked. Instead, Disney+ customers’ credentials were stolen in other security breaches. Many people use the same email logins and passwords for multiple accounts, including the streaming service, which have been stolen during previous security breaches.
This problem is not unique to Disney. Amazon Prime, Hulu and Netflix have long faced similar struggles with hackers hawking accounts online or giving them away. Uber dealt with some account theft last year, where consumers saw charges on their accounts for rides hundreds of miles away. Like most streaming services, Disney Plus allows password sharing, meaning an account can be accessed from different devices in different locations, even far-flung ones. Disney Plus also does not have multi-factor authentication, which would require someone to confirm their identity beyond the standard log-in and password before successfully signing into an account.
As per Disney, if a user has become locked out of their account, they should contact customer support immediately for assistance. If you suspect your password has been compromised, here are some easy tips to make sure it doesn’t happen again:
Change your password and make it unique
Don’t use common passwords. A recent survey from the UK’s National Cyber Security Centre revealed the world’s most common passwords and found that “123456” is the internet’s most vulnerable password. The password “123456789” was used on 7.7 million accounts, while “qwerty” and “password” were each used by more than 3 million.
The organization recommended using three “random but memorable” terms in a password, to reduce the risk of having an account breached.
Use different passwords
It’s simple: Use a different password for each account. Jot them down safely (on paper) and store them in a place you’ll remember.
Use tools from Chrome
Google’s browser has a Password Checkup feature that automatically checks all your saved passwords for security problems and alerts you if passwords have been exposed in a third-party data breach. The tool will also tell you if your password is being reused across different sites by bad actors or if you have a weak password that should be updated.
It’s available as an extension and can be installed here.
Use third-party tools
Paid services, including Dashlane and 1Password will monitor logins and inform people when their credentials have been compromised. The easy-to-use tools create a secure password that can be used across multiple accounts through a browser extension.
Chrome also has a free service that suggests strong passwords for new sign-ins.
Use two-factor authentication
Some popular services, including Google’s Gmail or Apple, offer two-factor authentication. That’s an extra security step where the service texts or emails you a one-time use PIN code needed to log-in.
Additionally, check your emails for any password change requests and keep an eye on our Disney Plus error guide. If you’re seeing error code 86, then you’ll want to contact Customer Service immediately as your account will have been blocked, potentially due to suspicious activity.
Again, if you discover that you’ve been locked out of your account- you MUST contact Disney customer support immediately. You can contact them here, their live support is available 24 hours a day/7 days a week.
Want to go on vacation?
We recommend Academy Travel, a Disney Diamond Earmarked agency. Walt Disney World, Disneyland, Disney Cruise Line, Adventures by Disney, Universal Orlando Resort, Sea World and more -- they can do it all, and at no extra cost to you! Fill out the form below or call 609-978-0740 today!