OVER 7 million user accounts from Netflix, Disney+, Amazon Prime Video, Apple TV+, and Max were compromised last year. The major credentials breach was revealed in a report by cybersecurity firm Kaspersky. The discovery represents a significant and evolving digital security threat and highlights the increasing sophistication of cybercriminal methodologies.
APP ATTACK The malware infiltrates devices through deceptive browser extensions and compromised third-party applications, extracting sensitive data. CHATGPT GRAPHICS
At the end of 2024, Kaspersky identified 7,035,236 leaked credentials directly associated with major streaming platforms. Netflix accounted for the majority of these compromises, with approximately 5.6 million affected subscribers. Disney+ had over 680,000 accounts compromised. Amazon Prime Video recorded a comparatively lower figure of 1,607 accounts. Nonetheless, it demonstrates the widespread nature of these credential harvesting operations across diverse platforms.
Accounts affected were predominantly found in Brazil, France, India, Germany, and Mexico.
Kaspersky’s Digital Footprint Intelligence Team reported that, based on the data they compiled, there is evidence the compromised credentials were not obtained through direct breaches of streaming service providers but were harvested via extensive malware campaigns targeting end users’ smart devices.
The malware infiltrates devices through deceptive browser extensions and compromised third-party applications, extracting sensitive data, including login credentials, session cookies, and other personally identifiable information. Once malware successfully infects a device, data exfiltration begins. Cybercriminals then acquire a wide array of sensitive information, including persistent browser session cookies and login credentials for other online services such as e-wallets, banking, e-commerce, and other critical financial details.
This stolen data is often traded on the dark web through underground cybercriminal forums or distributed freely to establish credibility with bad actors. Reusing identical passwords across multiple online services is one reason why digital intrusions, identity theft, and severe financial fraud occur.
A more significant finding is that digital natives — particularly Gen Z, who tend to trust the online systems they grew up with and frequently integrate streaming platforms into their social and cultural interactions — are the most common victims.
Kaspersky launched “Case 404,” an interactive game specifically designed for Gen Zers to deliver cybersecurity education in an engaging format. Participants assume the role of AI-powered detectives tasked with resolving realistic online crime scenarios. The initiative aims to enhance cybersecurity awareness and offers a discount on Kaspersky Premium upon completion, translating educational engagement into practical protection.
“Malware intricately concealed within unofficial downloads or third-party tools possesses the capability to silently collect and expose personal data,” Polina Tretyak, Digital Footprint Analyst at Kaspersky, said. She highlighted the inherent security blind spots that can arise from Gen Z’s deep engagement with streaming content.
Tretyak emphasized that securing streaming accounts in the current threat landscape requires more than strong passwords; it mandates comprehensive device security, rigorous avoidance of suspicious downloads, and consistent vigilance regarding online behavior.
Effectively countering these persistent and pervasive threats requires awareness and caution. Kaspersky recommends deploying robust security solutions, including comprehensive endpoint protection suites. Virtual private networks (VPNs), such as Kaspersky VPN, can significantly enhance data encryption and online privacy.
Apart from using a VPN, subscribing only to legitimate, paid streaming services and downloading solely from official and recognized app distribution platforms reduces the risk of attacks. This can be done by double-checking URLs or app names for unusual misspellings.
Avoiding suspicious executable files such as .exe or .msi originating from untrusted sources is crucial. Kaspersky also recommends meticulous verification of website authenticity before inputting any personal or financial information to prevent phishing attacks. Regular password updates for all online accounts — especially those potentially compromised — are strongly advised.
