DISNEY+ login data appers in darknet, experts warning dangers of free flows and torrent.
Some of the account details of the new streaming site were provided for free.
Thousands of Disney + login credentials have surfaced on the darknet, raising fears that the new streaming service’s clients have been hacked.
Account credentials have been listed on various online black markets, with some users claiming to be unable to log in after changing their email address and password.
More than 10 million people have already signed up for Disney + since its launch last week, despite technical issues preventing some users from accessing the platform.
Disney claims its security systems have not been compromised, and the statement says it “takes the privacy and security of our users’ data very seriously and there is no sign of a security breach on Disney +.”
Some cybersecurity experts have suggested that the credentials may have come from previous hacks, as many people use the same email and password combination for multiple online accounts.
“Hacking Disney + is a classic example of credential stuffing: hackers use a combination of passwords and email addresses, put them on a login page and see the results they get,” said the CEO of cybersecurity company DynaRisk.
“It’s likely that some users may have used the same email address and password for multiple sites, including Disney +, and their credentials may have been stolen during previous security breaches at other companies.
Disney+ darknet logins were first spotted by ZDNet, which reported seeing them on sale for between $ 3 and $ 11.
Lists reviewed by DynaRisk revealed that some of the credentials are distributed free of charge.