Over 7 Million Streaming Accounts Hacked in 2024, Says Cybersecurity Firm

Over 7 million accounts from popular streaming platforms like Netflix, Disney+, Amazon Prime Video, Apple TV+, and Max have been compromised this year, according to a new report by cybersecurity firm Kaspersky.

The researchers revealed that criminals didn’t hack the services directly. Instead, they collected login details through a large-scale credential theft campaign. The stolen data mostly came from unofficial browser extensions, third-party apps, and other downloaded software that secretly harvests login information and personal data.

Out of the 7.01 million affected accounts, more than 5 million belonged to Netflix users.

“Malware hidden in unofficial downloads or third-party tools silently steals login credentials and personal data, which are then traded or sold on cybercriminal forums,” said Polina Tretyak, a digital footprint analyst at Kaspersky.

Tretyak warned that protecting your streaming accounts means more than just using strong passwords. Users should secure their devices, avoid suspicious downloads, and be cautious when clicking on unfamiliar links.

Netflix has not yet responded to the report, but its official website offers safety tips for keeping accounts secure.

Streaming services have become a frequent target for cybercriminals. A recent phishing scam targeted Netflix users in 23 countries. Attackers sent emails and text messages pretending to be Netflix, warning users that their subscription was ending or that their payment had failed.

Cybersecurity experts at Bitdefender advise users not to click on links in such messages, even if they look real. Instead, they recommend manually typing the website address into your browser to check your account.

“If you’ve accidentally shared your Netflix login or personal info, change your password right away and cancel any compromised credit cards,” Bitdefender said.

Tips to Stay Safe Online:

• Don’t install unofficial browser extensions or apps.

• Be careful with downloads from unknown sources.

• Never click on suspicious links in emails or texts.

• Use strong, unique passwords for each service.

• Turn on two-factor authentication where available.

Stay alert and protect your personal data from cyber threats.