Disney+ accounts hacked, likely due to password reuse

Hacked Disney+ accounts showed up for sale on dark web criminal markets almost immediately after Disney's new streaming service went live, reported ZDNet.

The big picture: The hijacking of account credentials no doubt came as a shock to the affected users, who suddenly found their passwords changed and their accounts inaccessible. But it's a commonplace occurrence in a world where many users reuse passwords from one service to another.

Details:

• Accounts on Netflix, Hulu and other services are also widely on sale.
• Users typically lose control of their accounts either because they've reused passwords from other sites that have been compromised, or they chose extremely common passwords that hackers could guess.
• Hackers use automated systems to try usernames, email addresses and passwords taken from sites breached days, months or years in the past on new sites.
• Some users have claimed to have unique passwords stolen — which, if accurate, could mean those account login details were stolen using malware. However, that's rarely the norm for this kind of theft.

The bottom line: Disney+ accounts are now said to be on sale for between $3 and $11 dollars. When the next big streaming service launches, expect access to that site's accounts to go on sale as well.

Go deeper: Most retail site traffic aims to steal accounts