Educause Security Discussion mailing list archives

Re: Disney+ Hackef


From: "Barton, Robert W." <bartonrt () LEWISU EDU>
Date: Tue, 19 Nov 2019 15:01:18 +0000

Sure could be… some other questions.

Lockout policy?
What are the requirements for passwords?
If they use 2FA (option?), what are the possible solutions?

As an adjacent note, take a look at this site: https://gimletmedia.com/shows/reply-all/v4he6k It is a good podcast
to listen to, but the security links at the bottom are great. I have to look at it more, but it seems Google
Authenticator may be better than using SMS for 2FA (less chance it will be taken).

Robert W. Barton
Executive Director of Information Security and Policy
Lewis University
One University Parkway
Romeoville, IL  60446-2200
815-836-5663

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Scantlin, Aaron J.
Sent: Tuesday, November 19, 2019 6:20 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Disney+ Hackef

I don’t know… the vast majority of this is FUD.  This is the single relevant excerpt from the article:

“Two users who spoke with ZDNet on the condition we do not share their names admitted that they reused passwords. 
However, other users said online that they did not, and had used passwords unique for their Disney+ accounts.  This 
suggests that in some cases hackers gained access to accounts by using email and password combos leaked at other sites, 
while in other cases the Disney+ credentials might have been obtained from users infected with keylogging or 
info-stealing malware.”

While this might be the early signs of some major security failing, I think that the number of compromised accounts is 
small enough to suggest that password reuse is a much more reasonable suspicion.


Aaron J. Scantlin
Security Analyst, Division of IT
GSEC, GCFA, GNFA
University of Missouri - Columbia
(573) 884 - 7555
scantlina () missouri edu




From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Ronald Loneker
Sent: Monday, November 18, 2019 8:11 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Disney+ Hackef

Everyone -

Well that didn’t take long...

https://www.zdnet.com/article/thousands-of-hacked-disney-accounts-are-already-for-sale-on-hacking-forums/

Ron Loneker Jr
Director, IT Special Projects
College of Saint Elizabeth

--
Ron Loneker, Jr.
Director, IT Special Projects
College of Saint Elizabeth
2 Convent Road
Morristown, NJ 07960
Phone: 973-290-4229
E-mail: rloneker () cse edu

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community
