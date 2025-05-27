Your support helps us to tell the story Read more Support Now From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging. At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story. The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it. Your support makes all the difference. Read more

Over 7 million accounts from Netflix and other streaming services have been compromised, according to security researchers.

A new report from cyber security firm Kaspersky noted that login details were collected by criminals as part of a broader credential theft campaign, rather than individual services being hacked.

The researchers uncovered 7.01m compromised credentials from Netflix, Disney+, Amazon Prime Video, Apple TV+ and Max in 2024, with Netflix accounting for more than 5m of the accounts.

It is believed that the account details were compromised through unofficial browser extensions, apps and other downloaded software that silently collect login credentials and personal data.

“Malware hidden in unofficial downloads or third-party tools silently steals login credentials and personal data, which are then traded or sold on cybercriminal forums,” said Polina Tretyak, a digital footprint analyst at Kaspersky.

“Protecting your streaming account today means thinking beyond passwords – it means securing your devices, avoiding suspicious downloads, and being mindful of where your clicks lead you.”

The Independent has reached out to Netflix for comment. The streaming giant’s website has advice for users on how to keep their account secure.

Popular streaming services have frequently been a target for cyber criminals, with one recent phishing scam targeting Netflix users in 23 countries.

The campaign involved sending emails and SMS messages to users claiming that their subscription was coming to an end, or that their payment had failed.

A report last December from cyber security firm Bitdefender warned people to avoid clicking on links, even if they appear legitimate.

“Don’t follow links in messages. If you are unsure about a message, either SMS, email or otherwise, you can always manually input the address in a browser and check your account,” the researchers wrote.

“If you offered the attackers Netflix credentials and personal information, change the password as soon as possible and cancel the compromised card.”