Some customers who signed up for Disney Plus, Walt Disney Co.'s new streaming service, saw that their usernames and passwords were for sale online to third parties and their newly created accounts were blocked.
Disney said its system has not been hacked and is working to quickly address the problem. In fact, they raised the possibility that hackers obtained users and passwords from data leaks in other companies.
"Disney takes the privacy and security of our users' data very seriously, and there is no evidence of a security breach at Disney +," the company said in a statement.RELATED
Disney + is the company's effort to create a direct connection with consumers. The launch of the $ 7 service per month was a week ago and quickly registered more than 10 million customers.
Even so, the debut was marred by many customer complaints that failed to log in or had trouble accessing.
While Disney has long collected customer names and passwords for its theme parks and online games, worldwide online expansion leads to a greater likelihood of data breach.
ZDNet reported over the weekend that user accounts were put up for sale in piracy forums a few hours after the launch of the service at prices between $ 3 and $ 11 each. Some customers reported that they had used old passwords, but others said no, according to the website.
While there may be a few thousand Disney accounts compromised, that's little compared to the hundreds of thousands of users and passwords on the black market stolen from platforms like Hulu, Netflix and HBO, said Andrei Barysevich, executive director and co-founder of the security company Gemini Advisory.