Roku Reports Cyber Breach Of Over Half A Million Accounts

Compromised data was used to make unauthorized purchases in fewer than 400 cases

clock • 3 min read
Roku Reports Cyber Breach Of Over Half A Million Accounts

Roku, a leading streaming service provider, has warned 576,000 of its users that their accounts have been compromised in a cyber breach discovered during an ongoing investigation into a previous intrusion from March.

Rather than directly compromising Roku's network through a security flaw, the hackers employed a "credential-stuffing" attack, the company said.

This technique involves hackers using previously leaked usernames and passwords to gain unauthorized access to user accounts, particularly when users use the same credentials across multiple platforms.

Roku said there is no evidence indicating it was the source of the account credentials used in these attacks, and that neither of Roku's systems were compromised in either incident.

Despite the scale of the breach, the company assured its users that the hackers did not manage to access any sensitive data such as full credit card numbers or other payment details. However, the company did acknowledge that in fewer than 400 cases, the compromised data was used to make unauthorized purchases of hardware products and streaming service subscriptions.

The purchases were made using the payment methods stored in the affected accounts.

In response to the breach, Roku says it has taken steps to address the situation. The company has committed to refunding or reversing charges for the accounts where unauthorized purchases were made as a result of the attack.

As a precautionary measure, the company has reset the passwords for the affected accounts and is rolling out two-factor authentication across all user accounts to enhance security measures.

According to BleepingComputer, threat actors are employing credential stuffing technique using tools like Open Bullet 2 or SilverBullet to breach Roku accounts. These hacked accounts are subsequently sold for as little as $0.50 in illegal online marketplaces.

The sellers also provide instructions on how to use the stolen accounts for unauthorized purchases.

Roku, which boasts more than 80 million active accounts, has advised its users to create unique and strong passwords for their accounts and to enable two-factor authentication as an additional layer of security.

Cybersecurity experts have often warned against the dangers of using the same credentials across different platforms, emphasizing the importance of using unique passwords for each online account to minimize the risk of unauthorized access.

Roku provides a variety of streaming devices, home automation kits, sound bars, and various other products powered by its specialized operating system, allowing users to access services such as Netflix, Amazon Prime Video, and Hulu.

To generate revenue, Roku permits customers to buy streaming subscriptions directly via their Roku account, consolidating all their streaming services into one account. Upon adding a subscription, Roku securely stores customers' credit card details in their online accounts to simplify future purchases.

Last month, Roku disclosed another data breach impacting more than 15,000 customers, amid reports that compromised accounts were being sold for as little as $0.50 each.

At that time, Roku said it had secured the affected accounts and initiated a password reset as soon as the breach was detected.

This article originally appeared on our sister site Computing.

You may also like
Leaked Documents Provide Glimpse Into Google's Search Secrets


'Over a decade we've been lied to,' says source

clock 05-29-2024 • 4 min read
Google Eyes HubSpot Acquisition To Challenge Microsoft

Cloud Computing

Microsoft's Dynamics products dominate the modern CRM sector

clock 05-28-2024 • 3 min read
5 AI Policy Templates You Can Use As A Framework

Artificial Intelligence

AI is something that many businesses are still working through. There are guidance and tools to help to create a framework for any business.

clock 05-24-2024 • 2 min read

More on Security

How Semperis Is Helping Detect 'Low And Slow' Cyberattacks And Why It's Targeting The Midmarket

How Semperis Is Helping Detect 'Low And Slow' Cyberattacks And Why It's Targeting The Midmarket

Semperis' VP of products, Darren Mar-Elia, breaks down how ML helps with identity-based security and why the new offering is a fit for midmarket organizations' cyber resilience strategies

Samara Lynn
clock 05-23-2024 • 7 min read
Microsoft Build 2024: CEO Nadella Declares 'A Golden Age Of Systems'

Microsoft Build 2024: CEO Nadella Declares 'A Golden Age Of Systems'

'I still remember distinctly the first time Win32 was discussed … .Net, Azure. These are moments that I’ve marked my life with. And it just feels like we’re, yet again, at a moment like that,' Microsoft CEO Satya Nadella said in his keynote at Build 2024....

Wade Tyler Millward
clock 05-22-2024 • 9 min read
Strata Announces 'Always-On' Identity Continuity

Strata Announces 'Always-On' Identity Continuity

Identity access and management continues to evolve

Samara Lynn
clock 05-21-2024 • 2 min read