Roku suffers second data breach with more than half a million accounts hacked

Streaming service Roku has been hit by its second cyber-attack this year, with 576,000 user accounts compromised.

Last month, the company detected the breach of more than 15,000 user accounts through credential stuffing attacks. However, Roku has now identified a second incident, which hit around 576,000 additional accounts. 

Roku says this type of data breach, known as 'credential stuffing', is an automated cyberattack in which hackers take usernames and passwords stolen from one platform and attempt to log in to accounts on other platforms. The method exploits the practice of individuals reusing the same login credentials across multiple services.

In fewer than 400 cases, hackers used Roku accounts to make purchases on streaming services and Roku products but did not gain access to sensitive financial information. Roku is reversing charges and refunding all affected accounts, the company said in a statement. In this statement, Roku said there was no evidence that its own servers had been accessed.

Roku has reset the passwords for all affected accounts and is contacting those customers directly. It's also refunding the customers who lost money to unauthorised purchases. The firm has enabled two-factor authentication (2FA) for all 80 million Roku accounts, including those unaffected by these incidents. 

According to research from security firm Okta, nearly a quarter of all login attempts last year met the criteria for credential stuffing. Meanwhile, analysis from Verizon in 2023 found that approximately half of all data breaches involved stolen credentials.
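The credential stuffing pattern described above leaves a recognisable trace in login logs: one source trying many different accounts, almost all of them failing. The sketch below is an added example, not part of the original article or Roku's tooling; the event layout, thresholds and sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events: (epoch_seconds, source_ip, username, outcome).
# IPs come from documentation ranges; usernames are made up.
def build_sample_events():
    events = []
    # One source trying 40 different accounts once each; two logins succeed.
    for i in range(40):
        ok = i in (7, 23)
        events.append((1000 + i * 2, "203.0.113.9", f"user{i}@example.com",
                       "success" if ok else "fail"))
    # A user mistyping their own password, then getting in.
    events += [(1010, "198.51.100.4", "alice@example.com", "fail"),
               (1020, "198.51.100.4", "alice@example.com", "fail"),
               (1030, "198.51.100.4", "alice@example.com", "success")]
    # Password guessing against a single account (brute force, not stuffing).
    events += [(1100 + i, "192.0.2.77", "bob@example.com", "fail")
               for i in range(30)]
    return events

def detect_stuffing(events, window=300, min_users=20, min_fail_ratio=0.8,
                    max_tries_per_user=3):
    """Return {source_ip: sorted usernames that logged in successfully}
    for sources whose traffic looks like credential stuffing."""
    by_source = defaultdict(list)
    for ts, ip, user, outcome in events:
        by_source[ip].append((ts, user, outcome))
    flagged = {}
    for ip, rows in by_source.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window so it spans at most `window` seconds.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            chunk = rows[start:end + 1]
            users = {u for _, u, _ in chunk}
            fails = sum(1 for _, _, o in chunk if o == "fail")
            if (len(users) >= min_users
                    and fails / len(chunk) >= min_fail_ratio
                    and len(chunk) / len(users) <= max_tries_per_user):
                # Accounts that let this source in need a password reset.
                flagged[ip] = sorted({u for _, u, o in rows if o == "success"})
                break
    return flagged
```

The few successful logins from a flagged source are the accounts whose reused passwords worked, which is the set a password reset would target.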
