No, Disney+ hasn't been hacked, but accounts may have been stolen
There are reports circulating on reputable sites that Disney+ has already been hacked with customer details being made available on the black market. The alarming headlines suggest that there has been a breach at the new streaming service within a week of it launching but the truth is far more mundane and far less click-worthy.
There is some truth in the fact that there are customer account details available to buy and these are legitimate accounts set up by Disney+ customers - however, the source isn't Disney+ itself and most of the accounts are ones that have been set up using email addresses and passwords that have previously been compromised on other sites and services.
All that has been done is to attempt to log into Disney+ with details that have been obtained from elsewhere and seeing as far too many people still reuse the same email and password combinations across multiple different sites it is reasonably easy for someone to create a script to try thousands of possible logins to see which ones work.
The Disney+ service remains secure and if you've used a unique password or a password manager your details will be safe. If you've reused an email and password combination that has been used on another service that has been compromised in the past then your details probably have or will be stolen from whichever services you continue to use those details on.
Always use a password manager or at the very least use a different password on ever service you access - this is simple security and everyone should be doing it. At the same time Disney+ should be offering more security via two factor authentication to protect against this kind of account theft - this is where a code might be sent to a registered mobile device that must be used to log in, or an authentication token is genereated via an app on your phone. It's remarkable that Disney hasn't implemented two factor authentication before the platform was launched.