Researchers at CyberSixGill conducted an investigation to find out how many Netflix and Disney+ accounts are offered for purchase on the dark web, and the numbers they came back with are dizzying. In total, since the beginning of 2020, users on various Tor sites have posted 805,085 Netflix and 596,502 Disney accounts. Most of these credentials are being sold for a few cents, and in most cases, they are bought in the thousands. In some cases, they are given away for free as a community-building gesture.
However, not all of these accounts are unique or valid, as many of them are scam entries or simply reposts. CyberSixGill has attempted to filter out the duplicates and find out just how many accounts correspond to real and active user IDs, and the number is 114,491 for Netflix and 106,424 for Disney+. This means 0.061% of the Netflix userbase and 0.139% of all Disney+ accounts have been compromised and leaked to the dark web. This may not sound like a lot, but mind that the sets are constantly refreshed with new entries.
Some factors affecting this market include the COVID-19 pandemic that induced several months of lockdown across the globe, content releases in the streaming platforms, subscription growth, which resulted in a greater amount of accounts being compromised - and on the other side, the defenses put up by the platforms themselves. Harvesting valid accounts and then using them to access content are getting increasingly difficult, and all major streaming services now employ some kind of a system to detect and stop suspicious logins.
To protect yourself against someone abusing your account, go ahead and reset your password on Netflix and Disney+ right now. By doing so, stolen credentials will be rendered useless. If your service of choice supports 2FA, set it up. If you sit on the other side of the spectrum, looking to buy a pair of credentials and avoid paying a monthly fee to Netflix and Disney+, remember that you could find much greater troubles for doing so than what you have to gain from it.
Funding crooks through accounts on shady marketplaces always leaves back a trace, and when these sites are dismantled, your details could end up in the hands of investigators. No cybercrime forum or marketplace ever deletes user data, so buying a pair of credentials may catch up with you many years later, with potentially uncontrollable consequences.