Thousands of Disney+ accounts hacked within days of the service's launch

David Murphy

Thousands of Disney+ customers have had their accounts hacked within days of the service launching.

Disney+ launched just less than a week ago on 12 November in the US, Canada and the Netherlands. Despite the launch being hampered by technical issues which left many users unable to access the content, the service attracted more than 10m users in the first 24 hours.

However, according to ZDNet, thousands of those users have had their accounts hacked. The hackers accessed their accounts, logged them out of all devices, and then changed he account's email and password, taking over the account and locking the previous owner out.
According to the ZDNet report, the hackers gained access to the accounts, either by using email and password combos leaked by other sites, or by stealing login credentials using malware.

Some of the hacked account credentials have been offered for sale online for prices between $3 and $11 per account.

Users have taken to social media to complain about Disney’s lack of response to the problem. Disney+ does not currently use two factor authentication, though it might consider doing so after this episode.