November 25, 2019

Disney Is Not Always The Happiest Place On Earth

Most everyone across the planet has some exposure to Disney or Disney products. It is one of the most recognized brands on the planet and is the center of some of the best memories of most everyone’s childhood. Truth be told, this probably extends into their adulthood as well, especially now that Disney own the Marvel franchise. So, it is no surprise that when Disney launches another great asset into the digital world, that they become a target for cyber criminals.

Disney+ HAs Huge Launch

One of the most anticipated announcements finally arrived this year when Disney launched the Disney+ streaming service. Needless to say, it was a huge success and broke all kinds of records.According to Showbiz Cheatsheet in an article titled “A Crazy Amount of People Have Signed Up for Disney+ But Will Its Success Mean the End of Netflix?”:

According to reports, Disney+ gained 10 million subscribers on its first day. Granted, some of these users are signed up for a free seven-day trial and might cancel afterward. Still, considering Netflix has 60 million subscribers domestically, this puts Disney+ in a very good position going forward.

That surge of customers was so strong, in fact, that Disney+ experienced technical issues and outages its first day. Nonetheless, most fans seem pleased with the service. Considering the strong slate of original content still to come (including live-action Marvel series), Disney+ has even brighter days ahead in 2020.”

As with anything that attracts huge success in the digital world, it also attracted it’s share of cyber threats.

Disney+ Accounts Hacked

As the Marvel movies continue to showcase (while making $billions) the Peter Parker Principle: “With great power, comes great responsibility”, it seems that Disney has actually done their job, but the results are still the same, namely that lots of user’s credentials to the Disney+ app have been hacked.. 

According to a CNN article titled “So, your Disney+ account was hacked. Here's what to do”:

“Hackers have gained access to thousands of Disney+ user accounts, selling them for between $3 and $11, according to multiple investigations. Some people were complaining that hackers locked them out of their accounts after online thieves gained access and changed their accounts' usernames and passwords.”

The article goes on to explain that Disney itself wasn’t hacked:

“Disney+ itself does not appear to have been hacked. Instead, Disney+ customers' credentials were stolen in other security breaches. Many people use the same email logins and passwords for multiple accounts, including the streaming service, which have been stolen during previous security breaches.”

This brings up the critical question of who is ultimately responsible for your authentication?  Is it the requirement of the vendor selling you access to their cloud-based app, or is it your responsibility to create stronger/better passwords or deal with more Multi-factor Authentication (MFA)? Ultimately, what is needed is some method to ensure that only you are authenticated as you in the digital world.

Protecting Your Access To Cloud Applications

So how do you protect against these types of identity hacks? The answer is absolutely not relying on a different username and password combination. In fact, when you recognize that every password you have ever created, or have yet created, as already been compromised, only then will you be ready for a continuous behavioral authentication solution.

Acceptto’s eGuardian engine continuously creates, and monitors user behavior profiles based on the user interaction with the It’sMe authenticator. Every time an activity occurs, actionable intelligence is gathered and used to optimize the user profile. eGuardian is capable of autonomously and continually learning new policies and adapting existing ones. While policies can still be manually defined and contribute to the computation, our Biobehavioral AIML approach automatically finds the optimal policy for each transaction. eGuardian leverages a mixture of AI & ML, expert systems and SMEs to classify, detect, and model behavior, and assign real-time risk scores to continuously validate your identity prior to, during and post-authentication.

Download the Enterprise Management Associates’ Ten Priorities For Identity Management in 2019  today and then check out what Acceptto can do to ensure your employees, partners and customers can authenticate without passwords and still ensure security and privacy registering for a free demo today.

Download EMA Top 3 Identity Management Report

multifactor authentication continuous behavioral authentication Disney+ hack