Streaming services aren’t anything new. They’ve been around for quite some time. But over the past couple of years, the industry has seen some increasing competition. This has been largely due to global corporations entering the market. Companies like Disney, Amazon, and even Apple want a big chunk of the market share. On the plus side, the increasing competition means that there will be more options and better-quality content. But this competition also means that these services may now offer a higher security risk as well.
The Disney Plus breach
Take the Disney Plus service for example. Barely a month since the service has launched but it has already been hacked. Thousands of users have lost access to the service as hackers have stolen accounts have been selling them on the dark web. According to ZDNet, some of these accounts were sold as little as $3, or sometimes even for free.
The hackers have gotten through the system owing to email addresses and reused passwords from other websites. Additionally, it is also possible that access would have been gained via users affected with malware. So far, it doesn’t seem like there was a security breach on any of Disney Plus servers. What this means is that the attacks have occurred at the users’ end.
It doesn’t seem like there’s an easy way for users to regain access to lost accounts. One possible security measure to avoid future setbacks of this nature is to enable two-factor authentication.
But Disney isn’t the only streaming service to take a hit from cyberattacks. Mixcloud, a UK-based audio streaming platform has also fallen victim to a security breach. A TechCrunch report suggests that this breach may affect as many as 22 million accounts. The data in question was sold on the dark web. As per TechCrunch, the data includes usernames, email addresses, sign up dates, lost login dates and passwords. All of these appear to have been encrypted via the SHA-2 algorithm.
As the company is based on London, Mixcloud falls under the UK and European data protection rules. Companies can be fined up to 4% of their annual turnover if GDPR rules are violated.
Another streaming service that’s come under fire recently, is Netflix. It appears that canceled Netflix accounts are being reactivated by hackers and the users are charged for the service. As part of Netflix’s customer retention strategy, it makes it easier for subscribers to rejoin the service f they chose to do so. Thereby, Netflix retains customer data including billing details for 10 months.
One takeaway from all these three cases is that sometimes it’s the basic security measures that could very well help safeguard your digital properties.
Never re-use same login details
It can be tempting to use the same password for another service or account you sign up for. Particularly in a scenario where there are so many login details to remember. But reusing the same password can compromise your data security. Always a good idea to use different passwords with varying characters included. This essentially mitigates the risk of falling victim to brute force attacks.
Enable two-factor authentication (2FA) wherever possible. It is always advisable to set up two-factor authentication on services you sign up for. Gmail, for example, has a thorough 2FA mechanism where suspicious logins are often asked to verify even if you’re using the same computer sometimes. It even sends out alerts the service notes any out-of-the-ordinary login.
Routinely check for logged in devices
When using online services like Facebook, LinkedIn, Netflix, etc. its good practice to regularly check logged in devices for a particular account. Most services provide this facility to users nowadays and it could be a good way to verify if your account is hacked or not.
Don’t just cancel, delete your data too
Another thing that most of us may not pay much attention to, is how our data is handled after we opt out of service online. If you don’t plan on returning to a service, then ensure your data is completely removed from the company. Companies like Netflix and Facebook offers users the option to delete their data once accounts have been deactivated. Although to be fair, these companies don’t exactly make these processes obvious as they should be making them.
Your email is a sacred space. Don’t click on anything fishy
Malware and phishing attacks are a massive problem for many even today. Despite all warnings, users get caught in all forms of malware via email every day. Although most email service providers do have set up security checks in place, attackers still manage to find ways to beat them.
This one is pretty obvious. But it still remains a vital protocol to maintain. Don’t click on any link if you’re not sure. Always double-check the URL before clicking. It’s also wise to check a sender’s email address before engaging with any of an email’s content. Also, if you ever get one of those “too good to be true” emails, chances are they are.
Don’t install any unofficial apps or programs
It can be frustrating when a certain app or program doesn’t work properly, or if they aren’t officially available in your area. Sometimes it’s natural to look for unofficial alternate options. While going down this route may solve your frustrations in the short term, it can also be equally dangerous. This is particularly true for mobile devices. Installing apps and services off alternate stores to that of the Google Play Store can open up your mobile devices to a great many vulnerabilities. The Google Camera app vulnerability is one such example.
Run maintenance on your computer regularly
This last one may not be directly related to online activities. But it still offers an important means of protecting your digital life. Regular maintenance of your computer can be a tedious task at times. But it can be a lifesaver. For starters, always keep a safe backup of all your important data. If your system ever gets compromised, restoring a backup is the easy way to regain access.
Run regular scans through your antivirus software. Antivirus software can’t detect every possible security breach. But that doesn’t mean these should go unchecked.
Finally, ensure your system is rid of any unnecessary programs or files. Regularly clean up your computer and remove any programs or files you don’t need. Keep your system up to date.
Of course, some of these procedures may sound a bit basic. But it’s exactly these sort of basic security mishaps that lead to serious security breaches as the streaming service breaches demonstrate. Either way, better safe than sorry.