Adrian Johnson
TLDR:
- 576,000 Roku accounts were compromised in a cyberattack due to credential stuffing.
- Fraudsters made purchases on streaming services but did not access sensitive financial information.
Roku Security Breach: 576,000 Accounts Affected by Cyberattack
About 576,000 Roku accounts were compromised in a cyberattack, marking the second security breach for the streaming service in the current year. The hackers gained access to user accounts through stolen login credentials, specifically using a method called credential stuffing. This involved exploiting information leaked in a data breach on other sites where users reused the same login credentials. As a precautionary measure, Roku has reset user passwords, reversed unauthorized charges, and is implementing two-factor authentication for all accounts.
While the hackers were able to make purchases on streaming services using the compromised accounts, they did not obtain sensitive financial information. Roku is committed to ensuring account security as a top priority and is taking steps to protect the accounts of its 80 million users. The company’s stock has seen a decline of nearly 3% following the security breach announcement.
To secure online accounts effectively, users are advised to create unique and strong passwords, be cautious of internet scams and phishing emails, and contact customer support if any suspicious activity is noticed. Roku is encouraging its users to review their accounts periodically to monitor purchases and subscriptions for any unauthorized activities.
