Disney+ might be a new service, but it already appears to be a prime target for hackers.
A recent report details how thousands of accounts have already been put up for sale online. In some cases, for as low as $3.
The company responded by stating there's been no data breach.
Disney+ accounts up for sale
In most cases, original account holders have been locked out of the accounts, limiting what they can do to reverse the problem.
This is not an incident specific to Disney+. Many streaming services suffer in a similar way with user account details often sold online as a cheaper way to access a service.
However, what's striking here is the number of reported instances in the limited amount of time.
Responding to the reports, Disney states there's been no actual data breach. In other words, these hacking instances are not the result of the service itself. The suggestion here is the issue is more likely to be related to traditional email and password hacks.
In some cases, it is thought to be the direct result of subscribers having used previous email and password combos when signing up to Disney+.
Not just popularity making Disney+ a target
Disney+ is already a popular service. Estimations point to 10 million subscribers and that number is only likely to grow. Therefore, it makes sense the service would equally prove popular with hackers.
However, the popularity is only one element here. Unlike other streaming services, Disney aggressively pushed forward with a pre-order deal prior to the launch. The deal allowed customers to subscribe on a three-year basis at a reduced rate.
These accounts, in particular, appear to have been targeted by hackers, and understandable so.
A three-year subscription that's already bought and paid for is likely to be an easier sell and at a higher value.
What should I do if I'm a current Disney+ subscriber?
Technically, there's not much you can do right now. With Disney stating there's hasn't been a data breach, there's little for existing users to do.
The report does point out that Disney+ currently lacks two-factor authentication. This is something the company could introduce in the future as an additional layer of security. It remains unclear whether Disney does plan to utilize two-factor authentication anytime soon.
In the meantime, taking advantage of general safeguards is always advisable. For example, using email and password combinations that have been used before places a user at a higher risk of being hacked.
Using a fresh password with an existing email address is one way to safeguard against this happening.
Another useful safeguard is limiting those you share login credentials with.