Security used to be simple. 10-15 years ago, if you had antivirus software, a firewall, and some physical security measures like an alarm system or camera, you were safe. But since then things have changed dramatically. You can’t go one week without seeing another news article about the latest high-profile cyber attack. Hackers are working tirelessly to get into your systems, steal your data, and make you pay. Here’s a little story that will some shed light on how hard cybercriminals are working to steal your data, and why cybersecurity is so important for your business.
If you haven’t already heard, on November 12th Disney released a subscription video on-demand streaming service called Disney+. If you’re a die-hard Disney, Marvel, Pixar, or Star Wars fan, you probably didn’t waste much time subscribing to the service. Since it first launched 3 weeks ago there are already millions of customers. Unfortunately, cyber criminals didn’t waste much time either. Disney+ user accounts were being hacked hours after the service launched.
Almost immediately, some users began to complain that they were not able to stream their movies and shows. But, that’s not all! Many subscribers reported that their accounts were hacked, and they were being logged out on all their devices. They received emails notifying them that their account information had been altered, and when they researched further, users realized that their passwords and emails had been changed. The owner of the account was locked out for good.
What’s shocking is the speed at which cybercriminals hijacked and monetized the accounts. Breached credentials were put up for sale on hacking forums. Accounts were on sale from around $3 to $11 (which by the way, is higher than the original cost for the service, which is $7). The forums also had ads that offered Disney+ account credentials to be shared amongst the hacker community for free. The original owners of the accounts were contacted, and they confirmed that the credentials were theirs and still active.
So, how did this happen?!
One of the common mistake’s individuals make is reusing the same passwords across accounts. If you are guilty of this, then it’s time to start creating unique passwords. Once a hacker finds out your go-to password, they can easily hack into all your accounts. BUT, that’s not the only way hackers breaking into your Disney+ accounts. There is the possibility that hackers gained access to accounts through machines infected with keyloggers or malware.
Now for the scary part: cybercriminals can easily obtain access to your business through your Disney+ accounts. By identifying your email and passwords, they can repeat the same passwords, or variations of them, and gain access to your computer, your network, or even your bank account. And if you were infected by malware or a keylogger, you have a bigger problem! Hackers can damage your devices, steal your data, and even encrypt your computer in exchange for a “ransom”. If you are breached, your confidential data could be held hostage until you pay the ransom.
Here’s what you should do to protect your accounts:
Implement multi-factor authentication (MFA) on all your accounts. This will help prevent attacks that occur from people reusing the same passwords. You should also have an anti-virus tool and a dark web monitoring solution. Dark web monitoring acts as an early warning signal that your credentials have been compromised, and that someone might be attempting to steal your identity. If your credentials are found on the dark web, you will be alerted immediately. That way you can change your password right away, BEFORE they can be used by a malicious cyber attacker.
If you signed up for Disney+ and are worried that your account might be breached, or if you are concerned about your business’s security, we’re here to help. Call us at 416-966-3306 or email us at [email protected] and we can help give you the peace of mind that comes with knowing that your business secure.