Internet security giant Kaspersky has published a report indicating that it has identified more than 7 million “compromised accounts” for the best streaming services that disclosed online in 2024 only.
Details have not been disclosed due to a violation of the safety system of streaming services themselves, but have rather been seized by other malicious means, such as spyware browser extensions, which scrape the information you type on your computer and send it crooks or false websites that encourage you to enter your account information (known as phishing).
The Netflix accounts were by far the majority of the information disclosed identified by Kaspersky, among 5 million of the 7 million in total. However, there were also disclosed accounts for Video, Disney +, HBO Max and Apple TV +.
The greatest number of accounts disclosed seems to be intended for people based in Brazil, then in Mexico, then in India – but accounts fled everywhere, from the United Kingdom to Australia in Japan.
What is the size of a problem?
If your account has been raped, the good news is that it should not put your financial information in danger, with some notable exceptions.
Your billing information must be stored safely by all these streaming services, and not visible for anyone who simply brows your profile if it connects in a malicious manner.
With tastes of Netflix and Disney + reducing password sharing between households, someone who uses your connections to watch from another country could lead these streaming services to give you a warning regarding the adhesion to their conditions.
However, the greater danger is whether the passwords involved give them access to other services. For example, if your main video connection is the same as your Amazon Prime connection, then this account can mean that it can order online things from your account.
Similarly, if your Apple TV + connection is the same as your overall Apple identification connection, then someone could potentially spend money from payment details connected to your Apple identifier.
However, Amazon and Apple take care of two factors authentication, which means that the password alone should not be enough for someone to connect to your account – if you don’t have that active, you should absolutely change this now.
However, in any case, if your password for these services is the same as you use for each other connection, then the danger is not someone who connects to your Netflix – it is them using the same details to connect as you on online purchase platforms or in other sites where they could do financial damage.
This is why we always recommend using one of the best password managers, so you have a single password for each service without the hassle of needing you all. Android iPhones and phones all have this integrated capacity.
What should you do next?
If you are concerned about your accounts for these services, you must log in and modify your password immediately.
In general, the activation of two factors authentication on all the services that support it is obvious. Netflix, in particular, does not offer this option, but it has its own page on how to keep your Netflix account secure.
If you are not already using one of the best password managers, this is the perfect time to start. Many of these services will tell you if one of your passwords appears in the disclosed account information, so that you can take measures to modify it immediately.
But also keep in mind how these details fled: not through hacks of services, but because people have downloaded dubious browser extensions and software, or were taken in phishing diagrams that asked them to enter their details in false websites.
Being careful online is just as important as using technical options such as a password manager or two -factor authentication.
Kaspersky’s report highlights three things to remember:
- “Always use a legitimate and paying subscription when you access the streaming services and make sure to use applications from official markets or official websites.”
- “Always check the authenticity of websites before entering personal information. Get the official confidence pages when you look or download content and check URLs and spelling of the company name to avoid phishing sites.”
- “Be careful about the file extensions that you download. Video files should not have extensions. EXE or .MSI – These are generally associated with harmful programs.”
