TLDR:
- Roku cyberattack affected 576,000 customer accounts
- Hackers accessed accounts using stolen login credentials
Roku recently experienced a cybersecurity incident where 576,000 customer accounts were impacted by hackers who accessed the accounts using stolen login credentials. This marked the second major security breach for the company in the same year. The initial attack, which took place in March, was a result of “credential stuffing,” where bad actors used stolen login details from other sites to breach Roku’s systems.
The company discovered the breach after increasing monitoring of account activity following the first attack that affected 15,000 accounts. Although there was “no indication” that Roku’s systems were compromised, they implemented various controls and countermeasures to detect and deter future credential stuffing incidents. These measures included resetting passwords for affected customers, refunding or reversing charges for compromised accounts, and enabling two-factor authentication for all accounts.
Roku reassured its customers that sensitive user information or full credit card information was not accessed by the hackers. The company expressed regret for the incidents and any disruptions they may have caused, emphasizing that account security is a top priority, and they are committed to protecting customer accounts.