With 10m moms and dads signing up, I'm going to guess this is largely due to password reuse from prior hacks. Christmas123.
The email change is particularly disturbing. A good security design would be to send the old email a notice of change request and give them a link that can always be used to undo that change (which might require the at the time older password as well).
Does anyone else still torrent?
I rarely watch a tv show or a movie, but when I do I just torrent it. I've been doing this since Limewire (which was a lot of really shitty porn at the time).
Showed my boys Princess Mononoke the other day - will show them the Mandalorian tonight, a buddy told me its pretty good
Extra fun tip I'm sort of nervous putting out there just because it's a potential attack vector: if you used the same email address as your existing MyDisneyExperience account, guess what? The password you set while registering for Disney+ is now the password for your MDE account - they were "merged" without notification (that I saw). So not only is your Disney+ account compromised, potentially the account you use to book vacations is as well.
EDIT: I have "merged" in quotes because I am not sure if changing your D+ email changes it for your MDE account as well, or vice-versa.