Educause Security Discussion mailing list archives
Re: Disney+ Hackef
From: "Scantlin, Aaron J." <ScantlinA () MISSOURI EDU>
Date: Tue, 19 Nov 2019 12:19:58 +0000
I don’t know… the vast majority of this is FUD. This is the single relevant excerpt from the article: “Two users who spoke with ZDNet on the condition we do not share their names admitted that they reused passwords. However, other users said online that they did not, and had used passwords unique for their Disney+ accounts. This suggests that in some cases hackers gained access to accounts by using email and password combos leaked at other sites, while in other cases the Disney+ credentials might have been obtained from users infected with keylogging or info-stealing malware.” While this might be the early signs of some major security failing, I think that the number of compromised accounts is small enough to suggest that password reuse is a much more reasonable suspicion. Aaron J. Scantlin Security Analyst, Division of IT GSEC, GCFA, GNFA University of Missouri - Columbia (573) 884 - 7555 scantlina () missouri edu From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Ronald Loneker Sent: Monday, November 18, 2019 8:11 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Disney+ Hackef Everyone - Well that didn’t take long... https://www.zdnet.com/article/thousands-of-hacked-disney-accounts-are-already-for-sale-on-hacking-forums/ Ron Loneker Jr Director, IT Special Projects College of Saint Elizabeth -- ---------------------------------------- Ron Loneker, Jr. Director, IT Special Projects College of Saint Elizabeth 2 Convent Road Morristown, NJ 07960 Phone: 973-290-4229 E-mail: rloneker () cse edu<mailto:rloneker () cse edu> ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Disney+ Hackef Ronald Loneker (Nov 18)
- Re: Disney+ Hackef Scantlin, Aaron J. (Nov 19)
- Re: Disney+ Hackef Barton, Robert W. (Nov 19)
- Re: Disney+ Hackef Kevin Wilcox (Nov 19)
- Re: Disney+ Hackef Barton, Robert W. (Nov 19)
- Re: Disney+ Hackef Scantlin, Aaron J. (Nov 19)