Dead Netflix accounts reactivated by hackers

Former users are being charged months after cancelling subscriptions, according to reports

Hackers have exploited Netflix's data retention policies to reactivate cancelled customer subscriptions and steal their accounts.

Former subscribers say they noticed their accounts had been reinstated when they were charged a monthly fee, months after cancellation.

The hackers can log in to dormant accounts and reactivate them without knowing users bank details, according to the BBC

Advertisement - Article continues below

This is due to the streaming service storing customer data, including billing information, for ten months after cancellation. This is to enable a speedy account recovery should a user wish to rejoin.

However, this is proving to be a benefit for hackers who just need an email address and password to reactivate an account.

Radio 4's You and Yours programme spoke to Emily Keen who said she cancelled her subscription in April 2019 but was charged £11.99 by Netflix in September. She tried to log in to the account but found that email and password were no longer recognised as the hackers had changed her details and signed her up to the more expensive service option. 

Keen contacted Netflix and was assured her card would be blocked and she would receive a full refund, but the streaming service went on to take two further payments in October and November.

Advertisement
Advertisement - Article continues below

Other users that have had their accounts mysteriously reactivated have hit out at the company on Twitter.

Advertisement - Article continues below

"Super disappointed with my @netflix customer service experience," one user posted on the social media site. "Our account was hacked, supposed to have been deactivated, was reactivated by hacker, and continued to use our credit card. We were told to file chargeback and @netflix would not offer refund."

Stolen Netflix login details have reportedly been found on sites like eBay, sold as "lifetime" accounts for as little as £3. The same issue was reported for Disney+ accounts just hours after the service launched in the US, with login details serfacing on hacking forums. 

IT Pro has approached Netflix for comment.

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement

Recommended

Visit/security/cyber-security/355210/cyber-criminals-torn-over-how-to-adapt-to-post-coronavirus-threat
cyber security

Hackers torn over how to adapt their tactics to the coronavirus pandemic

3 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/security/cyber-security/355271/microsoft-gobbles-up-corpcom-domain-to-keep-it-from-hackers
cyber security

Microsoft gobbles up corp.com domain to keep it from hackers

8 Apr 2020
Visit/server-storage/servers/355254/a-critical-flaw-in-350000-microsoft-exchange-remains-unpatched
servers

A critical flaw in 350,000 Microsoft Exchange remains unpatched

7 Apr 2020