MEDIUMData Breach
Verified
Global
Major Credential Stuffing Campaign Targets Streaming Services — 500K Accounts Compromised
Wednesday, March 11, 2026 at 01:00 PM UTC·Source: Recorded Future / SpyCloud
Updated: Thursday, March 12, 2026 at 10:00 AM UTC
Executive Summary
Massive credential stuffing campaign compromises 500,000+ streaming service accounts across three major platforms. Accounts sold on dark web.
Analysis
A coordinated credential stuffing campaign has compromised over 500,000 accounts across three major streaming platforms using credential lists from recent data breaches. Compromised accounts are sold on dark web marketplaces for $2-5 each. The campaign uses residential proxy networks to evade rate limiting and bot detection. Affected platforms have initiated forced password resets and are implementing enhanced bot detection. Users are urged to enable MFA and avoid credential reuse.
Timeline
Discovered
Mar 8, 2026
Published
Mar 11, 2026