Disney Plus blames past hacks for user accounts sold online

Nov 20, 2019, 3:51 PM | Updated: 4:04 pm

FILE - Wednesday, Nov. 13, 2019 file photo, a Disney logo forms part of a menu for the Disney Plus ...

FILE - Wednesday, Nov. 13, 2019 file photo, a Disney logo forms part of a menu for the Disney Plus movie and entertainment streaming service. Disney Plus says it doesn’t have a security breach, but some users of the new streaming service have been shut out after hackers tried to break into their accounts. (AP Photo/Steven Senne, File)

(AP Photo/Steven Senne, File)

Disney said Disney Plus account passwords being sold in underground hacking forums are coming from previous breaches at other companies, predating last week’s launch of its streaming service.

The company reiterated Wednesday that it found no evidence of a security breach, and that account problems are limited to “a very small percentage of users” of Disney Plus.

Disney and other traditional media companies are trying to capture the subscription revenue now going to Netflix and other streaming giants. Helped by promotions, including a free year for some Verizon customers, Disney Plus attracted 10 million subscribers on its first day.

The news site ZDNet found stolen account usernames and passwords selling for $3 on underground hacking forums. Disney’s streaming service costs $7 a month or $70 a year.

Despite warnings by security experts, users often reuse passwords at multiple services, meaning a breach at one opens the door for a hacker to gain access to the others.

Users can easily avoid this by using strong passwords that are unique for each service, said Troy Hunt, an Australian security researcher whose “Have I Been Pwned?” website alerts people when their identity information is stolen.

But Hunt said Disney should implement better security measures.

“The Disney situation appears to be yet another credential stuffing attack where hackers exploit a combination of customers reusing passwords and the service provider not providing sufficient defenses to stop it,” Hunt said in an email.

Paul Rohmeyer, a professor at the Stevens Institute of Technology in Hoboken, New Jersey, said he’s surprised that streaming services haven’t yet implemented better security such as multi-factor authentication.

With multi-factor authentication, users must enter a code sent as a text message or email when logging in from a new device.

The code helps ensure that people using stolen passwords or guessing them can’t use a service without also having access to the legitimate user’s phone or email account.

Rohmeyer said services may be hesitant to implement tougher security because they don’t want to be seen as more inconvenient than competitors.

Multi-factor authentication is an option for many non-streaming services, including Google, Facebook and Apple, but the extra security must be turned on. Disney Plus does require codes sent by email when changing account passwords, but it doesn’t use them for logging in from new devices.

Multi-factor authentication is harder to implement for services that are shared in households, as multiple users would need access to the same phone or email account. While Disney Plus, Netflix and Hulu let family members create their own profiles, with separate watch lists and preferences, they all share the same username and password. Apple TV Plus gets around this by having each family member sign in with a separate Apple ID.

We want to hear from you.

Have a story idea or tip? Send it to the KSL NewsRadio team here.

Republican presidential candidate former President Donald Trump speaks at a primary election night ...

MEG KINNARD and WILL WEISSERT Associated Press

Trump wins South Carolina, easily beating Haley in her home state and closing in on GOP nomination

Donald Trump won South Carolina's Republican primary on Saturday further consolidating his path to a third straight GOP nomination.

14 hours ago

A multi-vehicle collision involving three cars on northbound I-15 at 10600 S has caused delays afte...

Derrick Jones

I-15 collisions affecting weekend traffic

SALT LAKE CITY — A multi-vehicle collision involving three cars on northbound I-15 at 10600 S has caused delays after a truck pulling a trailer rolled over, blocking three lanes. Mike Alexander from the Utah Highway Patrol has confirmed that the injuries reported were minor. Emergency responders quickly attended to the scene. The cause of […]

15 hours ago

A man looks for a break in traffic as he crosses 300 West at a busy pedestrian area between Walmart...

Kennedy Camarena

Three pedestrian involved car accidents have SLCPD reminding the public about road safety

After three car accidents occurred within the same week, all with injury to pedestrians, SLCPD is reminding road users about road safety.

17 hours ago

SWAT officers with the Salt Lake City Police Department stand in a driveway after they and patrol o...

Kennedy Camarena

Suspect arrested by SLCPD and SWAT after threatening medical workers with a gun

Salt Lake City Police Department and their SWAT team were able to safely arrest a man who threatened Gold Cross employees with a gun.

23 hours ago

Former President Donald Trump walks on stage during the 2024 NRB International Christian Media Conv...

Fredreka Schouten, CNN

Wisconsin ethics panel recommends criminal prosecution for a Trump fundraising committee

A Wisconsin ethics panel is recommending that prosecutors pursue charges against one of Donald Trump’s fundraising arms.

1 day ago

Handcuffs are shown against a black background....

Alexander Campbell, ksltv

Salt Lake City man charged with credit union robbery

After the robbery of a Cyprus Credit Union in West Valley, a federal grand jury formally charged Joey Shaun Symond with the crime.  

1 day ago

Sponsored Articles

Mother and cute toddler child in a little fancy wooden cottage, reading a book, drinking tea and en...

Visit Bear Lake

How to find the best winter lodging in Bear Lake, Utah

Winter lodging in Bear Lake can be more limited than in the summer, but with some careful planning you can easily book your next winter trip.

Happy family in winter clothing at the ski resort, winter time, watching at mountains in front of t...

Visit Bear Lake

Ski more for less: Affordable ski resorts near Bear Lake, Utah

Plan your perfect ski getaway in Bear Lake this winter, with pristine slopes, affordable tickets, and breathtaking scenery.

front of the Butch Cassidy museum with a man in a cowboy hat standing in the doorway...

Bear Lake Convention and Visitors Bureau

Looking Back: The History of Bear Lake

The history of Bear Lake is full of fascinating stories. At over 250,000 years old, the lake has seen generations of people visit its shores.

silhouette of a family looking over a lake with a bird in the top corner flying...

Bear Lake Convention and Visitors Bureau

8 Fun Activities To Do in Bear Lake Without Getting in the Water

Bear Lake offers plenty of activities for the whole family to enjoy without having to get in the water. Catch 8 of our favorite activities.

Wellsville Mountains in the spring with a pond in the foreground...

Wasatch Property Management

Advantages of Renting Over Owning a Home

Renting allows you to enjoy luxury amenities and low maintenance without the long-term commitment and responsibilities of owning a home.

Clouds over a red rock vista in Hurricane, Utah...

Wasatch Property Management

Why Southern Utah is a Retirement Paradise

Retirement in southern Utah offers plenty of cultural and recreational opportunities. Find out all that this region has to offer.

Disney Plus blames past hacks for user accounts sold online