Hackers started hijacking thousands of accounts a few hours after the service has launched.
These accounts are available for free and others are being sold from 3 to 11 on hacking forums and the deep web.
The Disney + service was launched on November 12 and even it is only available in USA, Canada and the Netherlands, it has more than 10 millions active users right now.
Many users are reporting that they can’t stream their favorite shows and movies.
A lot of users reported that hackers gained access to their accounts, changing the account’s password and email address.
These complains flooded the social networks like Twitter and Reddit.
The user name and password were probably took from other leaked sites and some where infected with keylogging software on their computers.
Just a few hours after the service was launched, thousands of accounts are being offered for sale with prices varying from 3 to 11 dollars each.
Below are some screenshots taken from various hacking forums:
For security reasons we cannot disclose the url of those hacking forums.
Disney haven’t said anything about this issue.
Based on our investigation, Disney+ doesn’t have support for multi–factor authentication, with this solution, the attacks would be prevented with someone try to access your account from an unknown browser or device.