![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Entry tags:
Did you subscribe to Disney+? Your account may already have been hacked and sold.
And Disney+ is not yet a week old.
In many cases, the account compromises happened because people frequently re-use passwords, so all the criminals needed to do was to take one of the well-known password dumps and test it against Disney+ until it hit, then change the password and lock the true owner out of the system.
But there are documented cases of people using unique passwords who are getting their accounts taken away by these thieves.
So the question is: has Disney's system already been hacked? There's also the possibility that a number of people have their computers infected with malware such as keyloggers and their accounts were compromised through that vector.
Here's a simple rule to follow: any web site or service that has your credit card or banking information SHOULD HAVE A UNIQUE AND STRONG PASSWORD. Re-using passwords is fine - I do it all the time - for sites that have zero monetary value. But if my banking information is tied to a site, it has a strong and unique password associated to it.
https://www.zdnet.com/article/thousands-of-hacked-disney-accounts-are-already-for-sale-on-hacking-forums/
In many cases, the account compromises happened because people frequently re-use passwords, so all the criminals needed to do was to take one of the well-known password dumps and test it against Disney+ until it hit, then change the password and lock the true owner out of the system.
But there are documented cases of people using unique passwords who are getting their accounts taken away by these thieves.
So the question is: has Disney's system already been hacked? There's also the possibility that a number of people have their computers infected with malware such as keyloggers and their accounts were compromised through that vector.
Here's a simple rule to follow: any web site or service that has your credit card or banking information SHOULD HAVE A UNIQUE AND STRONG PASSWORD. Re-using passwords is fine - I do it all the time - for sites that have zero monetary value. But if my banking information is tied to a site, it has a strong and unique password associated to it.
https://www.zdnet.com/article/thousands-of-hacked-disney-accounts-are-already-for-sale-on-hacking-forums/