Thousands of Disney+ accounts have been hacked: Here’s how to protect yours

Thousands of Disney+ customers have had their accounts stolen and sold to viewers in unsupported territories, a recent report revealed. So now would be a wise time to take a second to increase the protection on your account, starting with changing your password to something a little more secure.

First, some context

ZDNet notes that an abundance of Disney+ accounts surfaced on hacking forums within a matter of hours of the service launched on November 12. The number of compromised subscriptions has since entered the thousands, with hackers selling access for as low as $3 per credential (they start at $7).

It is believed that the majority of the accounts were accessed using a basic code-breaking application, which cycles through a list of common password combinations until they find one that fits. The hackers then proceed to change the email address and password, before passing the accounts on.

Disney’s advice? Use a unique password for their account that incorporates a mixture of numbers, characters, and symbols. This will make it significantly harder for the so-called ‘cracking’ tools to decipher the password, invariably resulting in the hacker moving on to another account that’s easier to access.

It’s a numbers game, after all. At $3 a pop, hackers spending time accessing these accounts will want to amass hundreds, if not thousands, to make the endeavor worthwhile, so using a password that isn’t isn’t in the rotation will most likely instruct the software to move on to the next name on the list.

How to change your Disney+ password

how to change disney plus password
Just enter your current password, followed by your new password, then hit Save.

The first step to securing your Disney+ account is changing your password to something a little more taut. You’ll want to use a password manager like 1Password to do this because it can both create a random, ultra-secure password that’s unique to the streaming service and store it safely.

Have a password in mind? Here’s how to change your Disney+ password:

  1. Head over to www.disneyplus.com/account.
  2. Select Change Password.
  3. Input your existing password.
  4. Enter your new password.
  5. Press Save.

Warning: If your machine has been compromised by a keylogger, changing your password will not make a difference as the virus will catch the new credential the next time you type it. If you suspect this is the case (i.e. a number of your accounts have been hacked), run a virus scanner.

How to change your Disney+ email address

how to change disney plus password email address
Simply input your new email address and your password, then tap Save.

You’ll also want to change your email address to something a little more illogical. There are a number of ways you can do this, but the easiest is to add a ‘+‘ to the end of your existing email address, followed by a phrase unique to Disney+. For example digitaltrends+disney@digitaltrends.com.

Believe it or not, this will forward all email sent to this email address to your existing email address. In our case, this would be digitaltrends@digitaltrends.com (note: not all email providers support this feature — the alternative is to create a new email address or set up an alias).

The intention here is to make it harder for hackers to figure out the email associated with your Disney+ account. Most will assume it’s your default email address, which may be listed in a huge list of emails they’re working through, so modifying it reduces the risk of them obtaining access.

Here’s how to change your Disney+ email address:

How to tell if your Disney+ account has been hacked

In all honesty, Disney+ isn’t that well-rounded a service and is missing all the telltale signs (it doesn’t keep a log of what you’re watching, nor does it show you where you’re signed in), so the only way you’ll be able to tell if your Disney+ has been compromised is when you’ve lost access altogether.

What to do if your Disney+ account has been hacked

The first thing you’re going to want to do if your Disney+ account has been hacked is to contact Disney with the date you registered for the service, the last time you had access, the original email address, and the type of payment method (Visa Debit, for example) on file. They may be able to restore it.

Failing this, we recommend reaching out to your bank or credit card provider and explaining to them what happened. They may be able to refund the money you paid for the account ($7 for a one-month membership, $13 for the Disney+ Bundle, or $70 for access to Disney+ for an entire year).

Want to learn more about Disney+? Here’s everything you need to know about the new streaming service.

Editors' Recommendations