Credential stuffing (testing stolen logins from other sites on Netflix).
The leak is not the result of a direct Netflix system breach. Instead, it is a collection of "combolists." Attackers use automated tools to verify which credentials still work on the Netflix platform to gain unauthorized access to active subscriptions. Security Implications 73k Netflix.txt
Approximately 73,000 entries of "email:password" combinations. Credential stuffing (testing stolen logins from other sites
Attackers can view account details, including partial billing information and viewing history. locking out the legitimate owner.
Unauthorized users may change the primary email or password, locking out the legitimate owner.