Internet security giant Kaspersky has released a report that it identified over 7 million “compromised accounts” for the best streaming services that have leaked online in 2024 alone.
The details were not leaked due to a break in the security system for the streaming services itself, but were instead gripped by other malicious means, such as spyware browser extensions that are scraping the information you are writing on your computer and sending them away to scammers or fake websites that fool you to enter your account information (known as phishing).
Netflix accounts were the vast majority of the leaked information identified by Kaspersky, numbering over 5 million of the 7 million in total. However, there were also leaked accounts for Prime Video, Disney+, HBO Max and Apple TV+.
The highest number of leaked accounts appear to be for people based in Brazil, then Mexico, then India – but accounts leaked everywhere, from Britain to Canada to Australia to Japan.
How big problem is this?
If your account has been violated, the good news is that it should not put your financial information in great danger, with a few notable exceptions.
Your billing info should be saved securely by all these streaming services and not visible to someone who simply reviews your profile if they log into vicious.
With them like Netflix and Disney+ cracking of password division between households, someone who uses your login to see from another country can get these streaming services to give you a warning to comply with their terms.
However, the greater danger is whether the passwords involved give them access to other services. For example, if your Prime Video -Login is the same as your Amazon Prime Login, one account may mean they can order things online from your account.
Similarly, if your Apple TV+ login is the same as your overall Apple ID login, someone could potentially spend money on the payment information connected to your Apple ID.
However, Amazon and Apple both support two-factor approval, which means that the password alone should not be enough for anyone to log in to your account and you do not have this active, you should definitely change it now.
But in any case, if your password for these services is the same one you use for any other login, the danger is not someone who logs in to your Netflix – they are the ones who use the same details to log in as you on online shopping platforms or other places where they could do some financial damage.
Therefore, we always recommend using one of the best password managers so that you have a unique password for each service without the hassle of having to remember them all. IPhones and Android phones all have this capacity built into them.
What are you going to do next?
If you are concerned about your accounts for these services, you must log in to them and change your password immediately.
In general, activating two-factor approval on all services that supports it is a no-brainer. In particular, Netflix does not offer this option, but it has its own page about how to keep your Netflix account secure.
If you are not already using one of the best password managers, it is now the perfect time to start. Many of these services tell you if one of your passwords appears in leaked account information so you can take steps to change it immediately.
But also remember how these details leaked: Not through hacks of the services, but because people downloaded Dodgy Browser extensions and software, or were caught in phishing schemes that asked them to enter their details on fake sites.
Being careful online is as important as using technical settings as a password administrator or two-factor approval.
Kaspersky’s report highlights three things to remember:
- “Always use a legitimate, paid subscription when you access streaming services and make sure you use apps from official marketplaces or the official sites.”
- “Always confirm the authenticity of sites before entering personal information. Stick to trusted, official pages when you view or download content and double-control URLs and company name spellings to avoid phishing sites.”
- “Be careful with the felt extensions you are downloading. Video files should not have .exe or .msi extensions – these are typically associated with harmful programs.”
