Technology: Disney+ user accounts found on hacking sites - - PressFrom - US
  •   
  •   
  •   

Technology Disney+ user accounts found on hacking sites

03:32  20 november  2019
03:32  20 november  2019 Source:   cbsnews.com

Former Yahoo engineer hacked 6,000 accounts in search of sexual content

  Former Yahoo engineer hacked 6,000 accounts in search of sexual content A former Yahoo engineer pleaded guilty to hacking into roughly 6,000 accounts in search of sexual photos and videos. According to court documents, Reyes Daniel Ruiz, 34, used his employee access to Yahoo's internal network to crack users' passwords. He then downloaded explicit photos and videos to a personal hard drive, which he stored at home. Ruiz admitted to targeting accounts belonging to younger women -- including his personal (and hopefully former) friends and colleagues. Once he had access to their Yahoo accounts, he used password resets on third-party sites to break into Apple iCloud, Facebook, Gmail, DropBox and other accounts.

Disney says its new Disney+ streaming service doesn’t have a security breach, but some users have been shut out after hackers tried to break into their accounts . The news site ZDNet found stolen account usernames and passwords selling for on underground hacking forums.

Watch CBSN Live. Disney+ accounts already found on hacking sites . Disney said Tuesday that its new streaming service is secure, denying there was a breach following a report that some users were shut out after hackers tried to break into their accounts .

Disney said Tuesday that its new streaming service is secure, denying there was a breach following a report that some users were shut out after hackers tried to break into their accounts.

a sign on the side of a building: US-ENTERTAINMENT-CINEMA-DISNEY-D23 © ROBYN BECK US-ENTERTAINMENT-CINEMA-DISNEY-D23

The news site ZDNet found stolen account usernames and passwords selling for $3 on underground hacking forums. Disney's streaming service, Disney+, costs $7 a month or $70 a year. According to a person familiar with the leak, "tens of thousands" of users were impacted.

Disney+ comes as Disney and other traditional media companies try to siphon customers away from Netflix and other streaming providers. Disney is hoping to attract millions of subscribers with its mix of Marvel and Star Wars movies and shows, classic animated films and new series.

Hacked Disney+ accounts are already available for sale online

  Hacked Disney+ accounts are already available for sale online Hackers capitalized on the launch of Disney+ by stealing user accounts and selling them online.According to an investigation from ZDNet, many of these stolen accounts are being offered for free on hacking forums or are available for sale with prices ranging from $3 to $11, despite the fact that a legitimate Disney+ subscription only costs $7.

Disney says its new Disney+ streaming service doesn’t have a security breach, but some users have been shut out after hackers tried to break into their accounts .The news site ZDNet found stolen account usernames and passwords selling for on underground hacking forums.

The news site ZDNet found stolen account usernames and passwords selling for on underground hacking forums. Disney ’s streaming service costs a month or a year. Disney Plus comes as Disney and other traditional media companies seek to siphon the subscription revenue now going to

Helped by promotions, including a free year for some Verizon customers, Disney+ attracted 10 million subscribers the day it launched last week. The popularity led to some technical difficulties in the opening hours, but those problems have largely been resolved.

Disney says there's no indication of a security breach compromising passwords. It says it takes the privacy and security of users' data seriously. Disney+ hasn't said how many subscribers have had security problems.

It's likely hackers used malware or keylogger software, which records keyboard strokes, to access weak passwords. It also seems that some email and password combinations were re-used by Disney+ subscribers after they'd previously been stolen from other online services.

Disney+ user accounts are already getting hacked

  Disney+ user accounts are already getting hacked The launch of Disney+ thus far has been something of a mixed bag. On one hand, Disney was able to get 10 million users to sign up for its fledgling service, an impressive figure no matter how you look at it. On the other hand, the service’s debut was not without its share of frustrations as users experienced a range of technical difficulties when it came to actually accessing Disney’s vast catalog of content. While some users experienced slow streaming speeds, others were unable to connect to the service at all.© Provided by Penske Media Corporation Disney Disney naturally attributed the issues to swelling consumer demand.

A number of Disney+ users have taken to social media to note issues with their accounts , which some have chalked up to a potential hack . In many of the complaints, users are claiming that they are unable to access their Disney+ account and believe that hackers may be responsible.

Hackers began hijacking accounts hours after Disney+ launched earlier this week.

Paul Rohmeyer, a professor at the Stevens Institute of Technology in Hoboken, New Jersey, said he's surprised that streaming services haven't yet implemented better security such as multi-factor authentication, in which users must enter a code sent as a text message or email when logging in from a new device. The code helps ensure that people using stolen passwords or guessing them can't use a service without also having access to the legitimate user's phone or email account.

Rohmeyer said services may be hesitant to implement tougher security because they don't want to be seen as more inconvenient than competitors.

Multi-factor authentication is an option for many non-streaming services, including Google, Facebook and Apple, but the extra security must be turned on. Disney+ does require codes sent by email when changing account passwords, but it doesn't use them for logging in from new devices.

CNET senior producer Dan Patterson contributed to this report.

6,000+ affected by Montgomery County Public Schools' data breach .
Montgomery County School officials announced that several of their schools have been affected by a data breach. School officials said they were originally notified of the data security incident in October. The incident happened through Naviance, the school system's online college and career readiness program for MCPS students interested in postsecondary plans. Naviance reported to MCPS Oct. 4 that around 1,300 student accounts and one parent/guardian account at Wheaton High School was compromised. It was reported that an unauthorized user conducted a "brute force" attack against the high school's Naviance platform to access accounts.

—   Share news in the SOC. Networks

Topical videos:

usr: 0
This is interesting!