Roku, a popular international streaming platform, has disclosed a large-scale account-compromise incident affecting 576,000 users. The announcement comes on the heels of a similar, but much smaller, incident.
The attackers accessed roughly 400 of these accounts and made purchases of streaming subscriptions and hardware using the payment methods on file. Importantly, full payment-card numbers and other sensitive personal details were not exposed.
The company has since forced password resets for all the affected accounts and reversed or refunded every illicit purchase.
This attack was discovered during Roku's investigation into a similar compromise of 15,000 accounts a few weeks earlier. In both cases the attackers used credential stuffing to gain access to user accounts. Credential stuffing is when attackers take username and password pairs leaked from one service, typically in an earlier breach elsewhere, and replay them with automated tooling against the login page of another service. It succeeds at scale because many people reuse the same password across accounts, so a credential that worked on one site frequently works on another.
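The signature of a credential-stuffing run on the defender's side is one client source cycling through many distinct usernames with a low success rate, which is how a provider notices the attack without ever having been breached itself. The following detector is an added example written for this article, not Roku's code or logs; the log line format, the constructed sample lines, the thresholds and the function names are all assumptions. It flags suspicious source IPs and then lists the accounts that had a successful login from a flagged source, which is the set a provider would force-reset.

```python
"""Credential-stuffing detection over simplified login logs (added example).

Assumed log format (not Roku's): "<ISO8601 timestamp> <client IP> <username> OK|FAIL".
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<ip>\S+) (?P<user>\S+) (?P<result>OK|FAIL)$")

# Constructed sample log (not real data). 203.0.113.7 replays eight leaked
# username/password pairs and gets into one account; the other two sources
# are ordinary users, one of whom mistypes a password once before succeeding.
SAMPLE_LOG = """\
2024-04-10T10:00:01Z 203.0.113.7 alice@example.com FAIL
2024-04-10T10:00:02Z 203.0.113.7 bob@example.com FAIL
2024-04-10T10:00:02Z 203.0.113.7 carol@example.com FAIL
2024-04-10T10:00:03Z 203.0.113.7 dave@example.com OK
2024-04-10T10:00:03Z 203.0.113.7 erin@example.com FAIL
2024-04-10T10:00:04Z 203.0.113.7 frank@example.com FAIL
2024-04-10T10:00:04Z 203.0.113.7 grace@example.com FAIL
2024-04-10T10:00:05Z 203.0.113.7 heidi@example.com FAIL
2024-04-10T10:01:10Z 198.51.100.20 carol@example.com FAIL
2024-04-10T10:01:25Z 198.51.100.20 carol@example.com OK
2024-04-10T10:02:00Z 192.0.2.9 ivan@example.com OK
"""


def parse_log(text):
    """Parse log text into (timestamp, ip, username, success) tuples."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unparseable log line: {line!r}")
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["ip"], m["user"], m["result"] == "OK"))
    return events


def find_stuffing_sources(events, window=timedelta(minutes=5),
                          min_users=5, max_success_rate=0.2):
    """Flag source IPs that, inside any `window`, attempt logins for at least
    `min_users` distinct usernames with a success rate at or below
    `max_success_rate`. Thresholds are illustrative assumptions; tune them to
    the service's real traffic. Returns {ip: {"users", "attempts", "successes"}}
    for the qualifying window with the most distinct usernames per IP.
    """
    by_ip = defaultdict(list)
    for ts, ip, user, ok in events:
        by_ip[ip].append((ts, user, ok))

    flagged = {}
    for ip, evs in by_ip.items():
        evs.sort()  # chronological; tuples compare on timestamp first
        start = 0
        best = None
        for end in range(len(evs)):
            # Advance the window start so that chunk spans at most `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            chunk = evs[start:end + 1]
            users = {u for _, u, _ in chunk}
            successes = sum(1 for _, _, ok in chunk if ok)
            if len(users) >= min_users and successes / len(chunk) <= max_success_rate:
                stats = {"users": len(users), "attempts": len(chunk), "successes": successes}
                if best is None or stats["users"] > best["users"]:
                    best = stats
        if best is not None:
            flagged[ip] = best
    return flagged


def compromised_accounts(events, flagged_ips):
    """Accounts with a successful login from a flagged source: the set to
    force-reset and review for fraudulent activity."""
    return sorted({user for _, ip, user, ok in events if ok and ip in flagged_ips})


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    sources = find_stuffing_sources(evs)
    for ip, stats in sources.items():
        print(f"suspected credential stuffing from {ip}: {stats}")
    print("accounts to reset:", compromised_accounts(evs, sources))
```

The sliding window matters: a single source trying five usernames over a week may be a shared NAT address, while five in a few seconds with almost all failing is a replay of a leaked list. In a real deployment the same statistics would be fed from the authentication service's logs, and the 198.51.100.20 pattern (one user, one failure, then success) shows the kind of ordinary traffic the thresholds must not flag.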
Roku states that the credentials used in the attacks did not come from its own systems:
“There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident. Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials,” Roku stated in its blog post.
In response to both security incidents, Roku has now enabled two-factor authentication on all accounts, including those not affected by either breach. It also encouraged users to be more proactive in safeguarding their accounts:
- Create a strong, unique password for your Roku account. Roku recommends at least 8 characters including numbers, letters, and symbols. Uniqueness is the property that actually defeats credential stuffing: a complex password that is reused on another site offers no protection once that site's credentials leak.
- Remain vigilant. Customers should be on the lookout for suspicious communications supposedly sent by Roku, such as requests to update their payment details, share their usernames or passwords, or click on suspicious links.
- Stay informed. Roku has encouraged all customers to watch for future updates and make regular checks of their account history and details.
“We sincerely regret that these incidents occurred and any disruption they may have caused. Your account security is a top priority, and we are committed to protecting your Roku account,” the company said in its statement about the incident.