Disney+ user accounts are already getting hacked

The launch of Disney+ thus far has been something of a mixed bag. On one hand, Disney was able to get 10 million users to sign up for its fledgling service, an impressive figure no matter how you look at it. On the other hand, the service’s debut was not without its share of frustrations as users experienced a range of technical difficulties when it came to actually accessing Disney’s vast catalog of content. While some users experienced slow streaming speeds, others were unable to connect to the service at all.

Disney naturally attributed the issues to swelling consumer demand.

“The consumer demand for Disney+ has exceeded our highest expectations,” the company said in a statement. “While we are pleased by this incredible response, we are aware of the current user issues and are working to swiftly resolve them. We appreciate your patience.”

Disney, to its credit, managed to address the aforementioned connectivity issues rather quickly. But now the company faces another and much more worrisome issue — hijacked accounts.

A new report from ZDNet relays that hackers have started hijacking thousands of user accounts, changing the login information, and putting the new credentials up for sale on online forums. Consequently, some Disney+ subscribers have been completely locked out of their accounts.

The tweets below highlights what some users are experiencing:

#distwitter has anyone’s @disneyplus account been hacked? My friend’s was; hackers changed email and password. Now she’s completely blocked from her 3-year prepaid Disney+ account. She’s been on hold for >2 hours

— HopeandLight (@Travel4vr) November 12, 2019

@disneyplus hey Disney, why is there no option to remove a device? My account was hacked and I can’t even remove these people. Your customer reps are clueless and don’t know wth they’re doing. I never had this issue with @netflix.

— ✨Allyhondra✨ (@ayeeloveablee) November 18, 2019

My @disneyplus account was hacked in less than 3 days 😒 I regained control long enough to delete my subscription. Won't be going back until Disney locks things down a lot more securely.

— That Writer Gen (@whimsicalwriter) November 18, 2019

As to how the hackers are accessing these accounts, it appears that some impacted users were using credentials that were previously leaked via other hacks. Other users, though, claim to have used original passwords and still saw their accounts compromised.

This suggests that in some cases hackers gained access to accounts by using email and password combos leaked at other sites, while in other cases the Disney+ credentials might have been obtained from users infected with keylogging or info-stealing malware.

Credentials for hijacked accounts are reportedly selling in the $3-$11 range. Interestingly, some posters are making Disney+ login and password information available for free to anyone who gets there first.

Per usual, new Disney+ subscribers would be well-advised to use a strong and completely new password when creating an account.