576,000 Roku Accounts’ Data Compromised in Another Cyberattack

April 16, 2024

Roku has once again experienced a cyberattack, but this time it has impacted almost 40 times the number of accounts compared to a previous attack that occurred earlier this year.

According to a statement released on Friday by the streaming company, they have discovered a second security breach impacting 576,000 customers. This breach was identified while the company was monitoring account activity following the first cyberattack, which had affected 15,363 accounts.

Roku reported that in both cases, hackers employed a technique called “credential stuffing,” in which they used login credentials leaked in previous breaches to try to gain access to the Roku platform. This approach specifically targets users who reuse the same login information across multiple platforms, and according to Roku it indicates that the credentials used did not originate from the Roku system.

According to a statement released by the company, there is no evidence suggesting that Roku was the source of the account credentials utilized in the attacks, or that its systems were breached in either of the incidents.

In fewer than 400 instances of compromised accounts, cybercriminals utilized saved payment details to buy streaming service subscriptions and products from Roku. However, the company has assured customers that sensitive information such as complete credit card numbers was not obtained.

The company informed affected customers on March 8 that their login credentials had been altered by hackers, who also made unauthorized purchases using saved payment information in certain instances. According to experts, the stolen account data was being sold by fraudsters on a hacking platform for as little as $0.50, providing buyers with access to the financial details stored on each account.

The affected accounts have now been subjected to a mandatory password reset by the company. Furthermore, the company has taken responsibility for any purchases made by hackers on customer accounts and is providing refunds or reversing the transactions.

In addition, Roku has implemented a new security measure for all users, not only those whose information was affected by the security breach. All accounts now have two-factor authentication, which requires users to click on a verification link sent via email whenever they attempt to access their Roku account.

According to the company, individuals affected by the breach have been informed. However, it is advised that all Roku users take precautions by creating strong and unique passwords, as well as remaining alert and informed about any suspicious activity or disclosed data breaches.

The company expressed its deep regret for the occurrence of these incidents and any inconvenience they may have caused. It stated that account security is of utmost importance and that it is dedicated to safeguarding customers' Roku accounts.

Relative to Roku's 80 million active accounts, the number of impacted users is small. Nonetheless, the company still felt the impact of the attack, as its stock has fallen by almost 3% since the announcement of the breach.