Why Was My Netflix Account Commandeered From Ecuador?

Image courtesy of Jeffrey

From time to time, Netflix customers share their passwords with friends and family members, even some that may live in other countries. In those cases, it’s not unusual to see activity on your account from a device in, say the U.K., streaming the latest episode of Game of Thrones. But Consumerist reader Niki doesn’t know anyone in Ecuador, and she certainly didn’t give out her password to someone living there. Yet, she’s repeatedly seen activity in that country, despite changing passwords and email addresses associated with the account. 

Niki tells Consumerist that the issue began last week when she received an email from Netflix warning her of suspicious activity and recommending she change her password.

She says she clicked on the link in the email, but only after confirming that it would lead to the real Netflix site. There she changed her password and thought nothing more of it.

Until two days later.

“That’s when I received an email saying my plan was upgrading from two to four screens HD for an additional fee,” she recalls, noting that she had made no such changes.

She immediately logged in and changed the plan back to her normal two screen choice. Easy enough.

But it was what else she saw on her account that caused additional concern.

“It was then I saw new profiles added to my account and viewing activity — mostly kid and teen shows — from Ecuador,” she tells Consumerist, noting that she lives in California, more than 4,000 miles away.

Niki deleted the profiles, logged out of all devices attached to the account, and changed her password again.

Changing the password for the second time, Niki thought her issues would be over. Only they weren’t.

The next night she noticed additional activity from Ecuador. At this point she decided to call Netflix directly.

“The Netflix support person I spoke with suggested I change my email address on my account and then all the suspicious activity would stop,” Niki recalls, noting that she was walked through the process and everything looked fine.

The following morning, when she looked at her account, she once again saw there were new devices logging in from Ecuador.

A second call to Netflix resulted in a rep telling her the technical team would look into the issue.

When she called back in the afternoon to find out the status of the investigation, she was once again advised to change the email associated with the account.

“I simply refuse to come up with a new email address and password every time the unauthorized users on my account appear because some how, they are gaining immediate access also,” she tells Consumerist.

At her “wits’ end,” Niki ultimately decided to cancel her account, coming to the conclusion that Netflix “cannot block remote regional access, they can’t stop anyone from remotely changing my plan, viewing my billing information, or just watching what they like.”

Consumerist reached out to Netflix about the issue, asking how repeated access could be made by an unauthorized user even after the true account holder changed the associated email and password.

A rep for the company confirmed that Niki’s initial warning email came from the company and that she contacted the customer service team related to the access made in Ecuador, but couldn’t provide a specific reason for the issues that followed.

“We can really only speculate here, but there is a chance the unauthorized user maintained access during the period of device deactivation as this process can take several hours to complete,” a rep for the company tells Consumerist.

Another theory Netflix proposed involved Niki’s devices somehow being compromised by malware.

The rep says the final support team member to help Niki offered to set up a new account in her name, but she ultimately declined.

The company declined to comment on whether or not unauthorized remote access was a common issue for account holders. Instead, the rep said Netflix proactively monitors members’ accounts for fraud and suspicious activity and alert them if we see anything.

Additionally, users should visit netflix.com/security for information on keeping their account and computer safe.

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.