Big Scandal About Netflix Data Leaks
Netflix is one of the most popular streaming video services in the world. The service produces and shows various films and TV series.
One of the distinctive features of Netflix is that new series are released not one episode a week (like HBO products), but a whole season on one day, simultaneously around the world in different languages.
Netflix is available in any country and works on a variety of devices: smartphones (Android and iOS), tablets, PCs, televisions, set-top boxes, game consoles, and DVD and Blu-ray players.
Despite the frenzied popularity of the service, scandals related to Netflix data leaks happen from time to time.
In this article, we would talk about the main one that happened not long ago.
The best video hosting websites to use right now are here.
Netflix data leak scandal
Recently, two Americans have been charged with fraud for stealing and reselling accounts of the Netflix streaming service. As it turned out, the scammers used the method of data substitution for authorization — they took them from large database drains and used them to access paid services.
According to experts, this scheme is successfully exploited by hackers solely through the fault of irresponsible users.
The U.S. Attorney’s office alleges that two cybercriminals from Oregon were reselling stolen Netflix credentials.
According to the prosecution, Samuel Joyner and Evan McMahon stole and sold more than 200,000 customer accounts of the streaming service using the AccountBot platform.
Accountbot customers pay an average of $1.79 to $25 for access to such data. According to the Justice Department, McMahon managed the payments and the service itself, while Joyner handled customer service.
As of March 2019, the service allegedly had about 52,000 customers and offered more than 217,000 stolen credentials that were obtained by hacking.
It is worth noting that most often the attackers acquired credentials as a result of reusing and selecting passwords and logins from different merged databases, using credentials that became available as a result of leaks from the services themselves, and phishing emails allegedly on behalf of the services, which essentially tricked users into giving up their account login data.
Do you like KissAnime? Learn more about its security here.
Why do these kinds of attacks work?
This type of attack is triggered because users often use the same passwords and logins on many sites.
Many streaming services have been dealing with various password theft schemes for many years. Earlier this year, Netflix launched a campaign to combat shared access to subscribers’ accounts, showing calls on the screen to register rather than use someone else’s account, because the more people know the password and login, the more likely they are to be compromised.
The antivirus company ESET shared the results of a study among subscribers of Netflix platforms, which was conducted to find out how they manage their account passwords.
It turned out that 60% of respondents share their passwords with other people. ESET cyber threat researcher Jake Moore believes that it is precisely because of this mass exchange of passwords that illegal databases of access to paid services have appeared on the internet.
At the same time, only one in five users shares their password from Netflix and other services by telling it verbally to someone. The rest send data via SMS, email, and messengers. In case of hacking, such passwords instantly end up in the corresponding dark net databases, from where they are extracted by fraudsters for further resale.
There is another important point: many subscribers of content platforms use the same password for different sites. So, having acquired a password from someone’s correspondence — for example from Netflix — an attacker can successfully apply it to Spotify, YouTube, and other services.
What data hacking options still exist?
In addition, there is this common way of fraud: a hacker posing as a Netflix employee sends users an email with a link to a phishing site and asks them to update their account.
If a person believes it and enters their username, password (and sometimes even credit card details) on this fake site, their data will go directly into the hacker’s database, from which they can be sold later.
Other schemes, rather than selling the account information of an existing user, help buyers on the black market to buy accounts created based on stolen credit card data.
These generators use existing databases of stolen financial information to buy new accounts.
What is phishing and how can you protect yourself from it? Learn more here.
Netflix was at the center of a lawsuit
The lawsuit alleges that Netflix “concealed from shareholders a slower growth in the number of subscribers, including due to the sharing of accounts by customers and increased competition from other streaming services.”
The document also says that the company has hidden “difficulties with retaining users,” due to which the platform, according to shareholders, is losing subscribers.
The plaintiffs claim that they suffered “substantial losses and damages” due to the concealment of this information. In turn, representatives of Netflix declined to comment on these reports.
At the same time, it is clarified that at the end of April, the company published a report for the first quarter, in which it was noted that the total number of paying subscribers worldwide, taking into account newcomers, fell by 200,000. This decrease was the first since 2011. It led to a drop in the value of Netflix shares by a quarter (27.7%) to $348.61.
How to download all your data from the net to protect it. Read more here.
At the moment, it is impossible to predict whether Netflix will be able to break into the leaders in in terms of views among streaming platforms again. After all, the recent scandals around the site, including the leakage of user data, have affected the reputation of the platform.
Many users are afraid to register and trust the site with their data because at any moment they can be compromised.