Streaming services are being hit hard by hackers, Akamai says

Nuix's latest Black Report offers insights straight from the mouths of hackers and penetration testers (Image xijian / iStockPhoto)
Akamai said its researchers found online video tutorials that provide step-by-step instructions for executing credential stuffing attacks. (Xijian/iStockPhoto)

Netflix, Hulu and others are being targeted at an alarming rate by hackers testing out stolen login credentials, according to a new study from Akamai Technologies.

The company today released findings from its "State of the Internet / Security: Credential Stuffing: Attacks and Economies" report, and it shows that online video and music streaming services are being hit hard by big credential abuse attacks.

Akamai said that three of the largest credential stuffing attacks against streaming services last year—which ranged in size from 133 million to 200 million attempts—took place shortly after reported data breaches, indicating hackers were likely testing stolen credentials before selling them, according to a news release. The company said credential stuffing is when automated tools are used with stolen login information to attempt to gain access to user accounts on other online sites.

FREE DAILY NEWSLETTER

Like this story? Subscribe to FierceVideo!

The Video industry is an ever-changing world where big ideas come along daily. Cable, Media and Entertainment, Telco, and Tech companies rely on FierceVideo for the latest news, trends, and analysis on video creation and distribution, OTT delivery technologies, content licensing, and advertising strategies. Sign up today to get news and updates delivered to your inbox and read on the go.

Those compromised accounts can in turn be used to allow nonsubscribers watch pirated content from streaming services, or the accounts can be sold or used for extracting personal information.

RELATED: Netflix, Amazon, studios crack down on alleged pirate site SET TV

“Educating subscribers on the importance of using unique username and password combinations is one of the most effective measures businesses can take to mitigate credential abuse. The good news is that organizations are taking the threat seriously and investigating security defenses, as evidenced by the discussions at NAB. Akamai offers its research and best practices to help these organizations who are facing significant brand and financial harm,” said Patrick Sullivan, director of security technology and strategy at Akamai, in a statement.

Akamai said its researchers found online video tutorials that provide step-by-step instructions for executing credential stuffing attacks. The findings listed the United States as the top country of origin for the attacks, followed by Russia and Canada. But the U.S. is also the top target, followed by India and Canada.

The company said previous research showed that media, gaming and entertainment companies saw 11.6 billion attacks between May and December 2018.

Suggested Articles

AT&T’s pay TV platforms including DirecTV, U-verse and AT&T TV Now will get to keep ABC, ESPN and other channels after reaching a new retrans consent…

Disney+ has opened up pre-orders for U.S. consumers and promised that those who sign up early will be among the first to get access to the streaming service.

Roku and Innovid are partnering on a new analytics solution to measure daily demographic reach and frequency on TV campaigns run across the Roku platform and…