NATIONAL NEWS

Disney Plus Blames Past Hacks For User Accounts Sold Online

Nov 20, 2019, 4:22 PM

Disney+ has arrived to try and reshape the streaming landscape. (CNN Business' Frank Pallotta)

(CNN Business' Frank Pallotta)

(AP) — Disney said Disney Plus account passwords being sold in underground hacking forums are coming from previous breaches at other companies, predating last week’s launch of its streaming service.

The company reiterated Wednesday that it found no evidence of a security breach and that account problems are limited to “a very small percentage of users” of Disney Plus.

Disney and other traditional media companies are trying to capture the subscription revenue now going to Netflix and other streaming giants. Helped by promotions, including a free year for some Verizon customers, Disney Plus attracted 10 million subscribers on its first day.

The news site ZDNet found stolen account usernames and passwords selling for $3 on underground hacking forums. Disney’s streaming service costs $7 a month or $70 a year.

Despite warnings by security experts, users often reuse passwords at multiple services, meaning a breach at one opens the door for a hacker to gain access to the others.

Users can easily avoid this by using strong passwords that are unique for each service, said Troy Hunt, an Australian security researcher whose “Have I Been Pwned?” website alerts people when their identity information is stolen.

But Hunt said Disney should implement better security measures.

“The Disney situation appears to be yet another credential stuffing attack where hackers exploit a combination of customers reusing passwords and the service provider not providing sufficient defenses to stop it,” Hunt said in an email.

Paul Rohmeyer, a professor at the Stevens Institute of Technology in Hoboken, New Jersey, said he’s surprised that streaming services haven’t yet implemented better security such as multi-factor authentication.

With multi-factor authentication, users must enter a code sent as a text message or email when logging in from a new device. The code helps ensure that people using stolen passwords or guessing them can’t use a service without also having access to the legitimate user’s phone or email account.

Rohmeyer said services may be hesitant to implement tougher security because they don’t want to be seen as more inconvenient than competitors.

Multi-factor authentication is an option for many non-streaming services, including Google, Facebook and Apple, but the extra security must be turned on. Disney Plus does require codes sent by email when changing account passwords, but it doesn’t use them for logging in from new devices.

Multi-factor authentication is harder to implement for services that are shared in households, as multiple users would need access to the same phone or email account. While Disney Plus, Netflix and Hulu let family members create their own profiles, with separate watch lists and preferences, they all share the same username and password. Apple TV Plus gets around this by having each family member sign in with a separate Apple ID.

KSL 5 TV Live

National News

Snow in Little Cottonwood Canyon...

Scott Sonner and Stefanie Dazio, Associated Press

Stretch of I-80 shut down as monster blizzard dumps snow on mountains in California and Nevada

California authorities shut down 100 miles of Interstate 80 on Friday as the biggest snow storm of the season bore down on the Sierra Nevada.

28 minutes ago

FILE: Ballots are counted by Maricopa County Elections Department staff ahead of Tuesdays election ...

Associated Press

Arizona’s new voting laws that require proof of citizenship are not discriminatory, a US judge rules

A U.S. district judge has ruled Arizona legislators did not discriminate when they adopted laws requiring counties to verify the status of registered voters who haven’t provided proof of U.S. citizenship.

37 minutes ago

Boeing fuselages leave the supply line for further construction....

Chris Isidore and Gregory Wallace, CNN

Boeing wants to buy back the company that builds the body of its troubled Max planes

Boeing said it is in talks to buy Spirit AeroSystems, a major supplier that was part of Boeing until a 2005 sale and one that was also involved in an Alaska Airlines mid-air door plug blowout.

3 hours ago

A killer whale known as Starboard preys on a great white shark in June off the South African coast,...

 Katie Hunt, CNN

A lone orca slayed a great white in less than two minutes. Scientists say it could signal an ecological shift

A pair of orcas have been killing great whites along a stretch of South African coastline.

4 hours ago

WASHINGTON, DC - FEBRUARY 28: Hunter Biden, son of U.S. President Joe Biden, listens as his attorne...

Farnoush Amiri and Lisa Mascaro, Associated Press

Takeaways from Hunter Biden’s combative deposition with Republican lawmakers

The transcript of the congressional deposition of Hunter Biden has been released. It reveals the contentious testimony that took place Wednesday as Republicans scrambled to advance an impeachment inquiry on the brink of collapse.

4 hours ago

FILE - Kristlyn Wood, a cousin of 11-year-old Audrii Cunningham, reacts during a vigil in Cunningha...

Associated Press

Family, advocates want solution to legal loophole after killing of 11-year-old Texas girl

As mourners prepare for the funeral of 11-year-old Audrii Cunningham, who was killed near Houston, the community wants answers about how the suspect in her death was allowed to remain free despite a long criminal history of violence.

5 hours ago

Sponsored Articles

Modern chandelier hanging from a white slanted ceiling with windows in the backgruond...

Lighting Design

Light Up Your Home With These Top Lighting Trends for 2024

Check out the latest lighting design trends for 2024 and tips on how you can incorporate them into your home.

Technician woman fixing hardware of desktop computer. Close up....

PC Laptops

Tips for Hassle-Free Computer Repairs

Experiencing a glitch in your computer can be frustrating, but with these tips you can have your computer repaired without the stress.

Close up of finger on keyboard button with number 11 logo...

PC Laptops

7 Reasons Why You Should Upgrade Your Laptop to Windows 11

Explore the benefits of upgrading to Windows 11 for a smoother, more secure, and feature-packed computing experience.

Stylish room interior with beautiful Christmas tree and decorative fireplace...

Lighting Design

Create a Festive Home with Our Easy-to-Follow Holiday Prep Guide

Get ready for festive celebrations! Discover expert tips to prepare your home for the holidays, creating a warm and welcoming atmosphere for unforgettable moments.

Battery low message on mobile device screen. Internet and technology concept...

PC Laptops

9 Tips to Get More Power Out of Your Laptop Battery

Get more power out of your laptop battery and help it last longer by implementing some of these tips from our guide.

Users display warnings about the use of artificial intelligence (AI), access to malicious software ...

Les Olson

How to Stay Safe from Cybersecurity Threats

Read our tips for reading for how to respond to rising cybersecurity threats in 2023 and beyond to keep yourself and your company safe.

Disney Plus Blames Past Hacks For User Accounts Sold Online