Hackers Are Using Stolen Roku Accounts To Subscribe To Streaming Services

Tyler Cross
Tyler Cross Senior Writer
Tyler Cross Tyler Cross Senior Writer

If you’ve noticed streaming subscriptions you didn’t sign up for on your bill, you may have been impacted by the recent data breach of the popular streaming company, Roku.

Hackers obtained the information of over 15,000 users and promptly began using the stolen accounts to sign up for various streaming services using the victim’s money. After stealing credentials, they would change the user’s login information while “borrowing,” their account credit card information to sign up for various services.

Since subscriptions aren’t too expensive and many people struggle to keep track of every subscription they own, the theft could have gone unnoticed for a long time. Roku posted a data breach notification to the Office of the Maine Attorney General, alerting the public to the breach.

“(We) secured the accounts from further unauthorized access by requiring the registered account holder to reset the password, we investigated account activity to determine whether the unauthorized actors had incurred any charges and we took steps to cancel unauthorized subscriptions and refund any unauthorized charges,” Roku said in a statement.

The breach lasted from Dec. 28-Feb. 21, giving the hackers plenty of time to use the stolen accounts. Roku posted that it first discovered the breach on Jan. 4, but it took more than a full month to successfully remedy the situation.

“In response, we took immediate steps to secure these accounts and are notifying affected customers. Roku is committed to maintaining our customers’ privacy and security, and we take this incident very seriously,” a Roku spokesperson commented.

With over 80 million active Roku users, it makes sense that hackers would target the company. While it’s the responsibility of Roku to protect your account, remember that you should still regularly rotate your credentials and review charges made to your accounts. Maintaining healthy cybersecurity habits is the only way to ensure you aren’t the victim of a data breach.

About the Author
Tyler Cross
Tyler Cross
Senior Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends.

Leave a Comment