I am sure you can see logged in devices if you login to Netflix through a web browser.
Yes I have. Some unknown ones like Turkey and Holland are on there.
I would suggest you change your password and de-authenticate them
Yes we have changed the password to a secure one
I wrote a post about password security in the past that is relevant to this: Monzo Plus Roadmap for 2019 📅
There’s a big market online for stolen media streaming accounts, Netflix and Spotify users are the biggest victims of this. The typical situation is this:
- You use a password for Netflix that you also use on another service
- The other service is compromised
- All passwords and email addresses are leaked from the compromised service
- Malicious people check every leaked password and email combination on Netflix (and other services)
- When a password and email combination are found to work on a service, the account details are noted down as valid
- The valid account details are now sold, often for ~$1, typically with the advice “don’t change any settings so that you can keep using the account indefinitely”. The goal isn’t to steal your account from you, it’s to have cheap access to these services, changing your password will resolve the issue – also change your password anywhere else that same password is used.
The protection against this attack is: do not use the same password on multiple websites. There’s also a small chance this came about from phishing, but very unlikely.
If you reuse your password anywhere then it could have been compromised from there. Check your email address(es) on: https://haveibeenpwned.com/ and start using different passwords everywhere
Nope the password in question was only used on Netflix, and it was an easy one
You’ve answered your own question here. You used a weak password so they managed to crack it and get in
You shouldn’t knowingly use a weak password on anything.
Not really. How did they get the email in the first place knowing it had netflix associated to it
Your account was compromised due to a poor password, you said this. Where they got the email address from is irrelevant!
I can guarantee nobody on here hacked your account so we can’t answer your question of where they got your email address from.
Netflix is really popular. I wouldn’t be surprised if they tried random addresses and passwords until one worked.
Are you using any third party netflix apps? They may have harvested your login, or you may have clicked on s fake login page by mistake.
Seeing as you’ve changed it and only used it for Netflix what was the old password?
There are lists of the top 100 passwords
Fairly easy if you get an email to write a program to cycle through those passwords
As to where they got the email it is possible Netflix had a leak of emails like twitter did not too long ago. Not always reported especially if things like bank details not leaked
Did you see @glasgow 's advice above? Check your email with the haveibeenpwned service. Passwords are irrelevant. Leaked email addresses attract people who then apply these email addresses into popular services using passwords which, in your own words, are “easy ones”.
It is easier than people think to gain access to online services with someone else’s credentials. Once they do - without any warning to the actual user - the actual user needs a big paddle to get out of creek faster than fast.
“Hard” passwords and 2FA are needed. If you purposely make it hard for yourself to log into an online service, it’ll be even harder for someone else to get in there.
It’s also worth using a password manager, that way all your passwords can be difficult and you don’t need to remember them.
Use long strings of words with altered case and swap out letters for example use Z for S as this stops dictionary attacks.
If they have your account, they now have your email, a phone number of yours, possibly your mobile. If it’s your mobile, contact your provider as your at risk of a SIM swap attack. Depending on how you pay, they have some of your credit card details and possibly your address. If you’re not already, use PayPal with 2 factor.
I’m curious as to why you would ever use an “easy” password for anything?!?
Laziness, ease of remembering, lack of a password manager. Lots of reasons. Not that that’s a good excuse
Have you tried entering a 20 char password with special symbols on a TV remote?.. It’s painful…
My LG Tv doesn’t remember the password even when you click remember. It was so frustrating. Luckily sky have added a Netflix app on SkyQ and that seems to remember it so I’ve only had to do it once since then
I have a fairly simple password for my Netflix account, but I change it regularly. it’s a random string of a few words so hopefully its hard to crack. A few friends use my account so I share a note from Apple Notes with each of them, and they get a notification when I make a change to that, so they know they’ll need to log in again. It’s pretty simple to log in to services now though, so having a complex password is fine.