News
20/11/2019

Once Upon A Time, Two-Factor Authentication Was Not Used

Hackers attacks globally are rising at an alarming rate and the number of various fraud attempts is increasing year on year. In the digital age, it is very important to take online security seriously and prevent data breaches, data leaks, identity frauds and other forms of cyber-criminal.

Last week Disney released its new online streaming platform Disney+. The service gathered more than 10 million users in the first 24 hours since the launch. But, before we knew, thousands of user accounts have been affected by hacker’s attack – changing login credentials and locking out owners. According to ZDNet, hacked Disney+ accounts have already been put on sale in hacker forums and Reddit for anywhere in between $3 and $11 (the original service costs $7 a month).

What Disney+ is facing right now is what other streaming and non-streaming services have been fighting against for years. The company stated later that there is “no indication of a security breach on Disney+” and that it takes “users’ data very seriously”. According to CNN, Disney+ itself does not appear to have been hacked. Hackers are simply using username and password combinations from previous hacks to access user’s accounts.

But why this happened in the first place? Silly as it sounds, the massive media conglomerate did not launch the streaming service with two-factor authentication.

Multi-factor authentication is an option for many non-streaming services, including Google, Facebook, and Viber, but the extra security must be turned on. Disney+ does require codes sent by email when changing account passwords, but it doesn’t use them for logging in from new devices. For “happily ever after”, it is crucial to add a second layer of security such as two-factor authentication.

What is two-factor authentication and why is it so important?

Two-factor authentication (2FA) is an extra layer of security used to make sure that the person who is trying to get access to an account is who they say they are. Along with a traditional password, 2FA also requires you to enter an additional piece of information to authenticate your identity, usually a unique one-time passcode sent via SMS.

Two-factor authentication makes it much harder for hackers to get unauthorized access to user’s online accounts. This means that even if your original password has been stolen by the hackers, they will not be able to access your account, because only you have the OTP code that was sent to you via SMS.

With a rapidly increasing number of transactions moving online and a proliferation of mobile app downloads needing to be legitimized, it is critical for your business that you take active steps to secure your confidential user data and transactions. 2FA is a ubiquitous way to achieve this. Mobile 2FA enables users to securely access data from any location without putting their corporate network and sensitive information in danger.

Mitto can help with user verification issues and secure your confidential user data by adding a second layer of account security with one-time passwords. Contact our sales team to find out more about how we can help hacker attacks such as Disney+ never happen again.