The reason? You guys might recall that recently it had been confirmed that millions of usernames and passwords had been breached in LinkedIn and MySpace hacks. It is because of these hacks that companies like Netflix are asking users to reset their passwords especially if their current password matches that of the leaked passwords.
This means that if you’re the type to reuse usernames and passwords and have used those for MySpace and/or LinkedIn, don’t be surprised if you receive an email telling you to reset it. The email reads, “We believe your Netflix account credentials may have been included in a recent release of email addresses and passwords from an older breach at another company. Just to be safe, we’ve reset your password as a precautionary measure.”
Netflix has confirmed the emails in a statement to Krebs on Security. “Some Netflix members have received emails encouraging them to change their account passwords as a precautionary measure due to the recent disclosure of additional credentials from an older breach at another internet company. Note that we are always engaged in these types of proactive security measures (leveraging Scumblr in addition to other mechanisms and data sources), not just in the case of major security breaches such as this one.”
Of course there are plenty of scams that would probably word their emails the same way, so do double and triple-check the URL to ensure that it is Netflix/Facebook’s website that you’re logging into. Alternatively you could always manually enter the website yourself and change the password from there.