Roku users on red alert — over 500,000 accounts hacked in second cyberattack on TV streamer in just 30 days
Roku has enabled two-factor authentication for all compromised accounts
Roku has warned users about a second cyberattack that left 576,000 accounts in the hands of criminals. The devastating data breach was uncovered while Roku was investigating an earlier attack.
That earlier attack was confirmed just 30 days ago and saw roughly 15,000 user accounts accessed by hackers, with some 400 cases where saved payment details were used to buy streaming service subscriptions and hardware products. In these cases, Roku said it would refund or reverse charges for accounts where it has determined unauthorised purchases were made as part of the pair of cyberattacks.
Roku has over 80 million active accounts on its streaming platform globally. It has reassured the vast majority of the 576,000 users caught up in the latest hack that criminals had not managed to access sensitive information, like full credit card numbers or other payment details.
The streaming firm has enabled two-factor authentication for all the accounts to beef up security controls. That means even if hackers have your username and password, they will be stopped from logging into your account by an additional verification step, usually a unique code sent via SMS or email.
The timing couldn't be worse for Roku, which just launched its most expensive Smart TVs to date, known as Roku Pro, with a QLED panel and 120Hz refresh rate. Alongside the flagship line-up of Roku TVs, the firm started to roll out a software update to users worldwide with improved picture quality, trailers, and IMDb ratings baked into the menu.
Between the two attacks, a total of 591,363 Roku accounts have been compromised by credential stuffing.
Credential stuffing is an attack in which cybercriminals collect credentials exposed in recent data breaches and then use these leaked email address and password combinations to attempt to log in to other websites and online services. In this case, hackers attempted to access Roku.com.
Credential stuffing is the reason that security experts warn you to never use the same password for multiple accounts. If one of these services suffers a breach, hackers could access dozens of others.
Once hackers have gained access to your account, they're able to change critical information, like passwords, email addresses, and shipping addresses. This can be used to lock out account owners.
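For readers who run a login service, the pattern described above (one source trying many different accounts, most of them failing) can be spotted in login logs. The sketch below is an added example, not Roku's monitoring or code from the original article; the log format, thresholds, IP addresses and usernames are all assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, source IP, username, login succeeded).
# IPs come from documentation ranges; usernames are made up.
EVENTS = (
    # One source, six different accounts in a minute, mostly failing: stuffing pattern.
    [(f"2024-04-01T10:00:{i * 10:02d}", "203.0.113.7", f"user{i}@example.com", i == 3)
     for i in range(6)]
    # One user mistyping a password, then getting in: normal behaviour.
    + [(f"2024-04-01T10:01:{i * 10:02d}", "198.51.100.20", "alice@example.com", i == 3)
       for i in range(4)]
    # Shared office address, five different users, all succeed: normal behaviour.
    + [(f"2024-04-01T10:02:{i * 10:02d}", "192.0.2.55", f"staff{i}@example.com", True)
       for i in range(5)]
)


def detect_stuffing(events, window=timedelta(minutes=5), min_users=5, min_fail_ratio=0.8):
    """Flag sources that try many distinct accounts with a high failure rate.

    Returns {source_ip: [accounts that source logged in to successfully]};
    those accounts are the ones to reset and move to two-factor authentication.
    Thresholds are illustrative assumptions and need tuning on real traffic.
    """
    by_ip = defaultdict(list)
    for ts, ip, user, ok in events:
        by_ip[ip].append((datetime.fromisoformat(ts), user, ok))

    flagged = {}
    for ip, rows in by_ip.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window so it only covers the last `window` of activity.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            recent = rows[start:end + 1]
            users = {user for _, user, _ in recent}
            fails = sum(1 for _, _, ok in recent if not ok)
            if len(users) >= min_users and fails / len(recent) >= min_fail_ratio:
                flagged[ip] = sorted({user for _, user, ok in rows if ok})
                break
    return flagged


if __name__ == "__main__":
    print(detect_stuffing(EVENTS))
```

Counting distinct accounts rather than raw failures is what separates this from a user who simply forgot a password, and the failure-ratio check keeps a shared office address from being flagged.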
In a statement shared on the company blog, Roku explained: "Earlier this year, Roku’s security monitoring systems detected an increase in unusual account activity. After a thorough investigation, we determined that unauthorized actors had accessed about 15,000 Roku user accounts using login credentials (i.e. usernames and passwords) stolen from another source unrelated to Roku through a method known as 'credential stuffing.'
"After concluding our investigation of this first incident, we notified affected customers in early March and continued to monitor account activity closely to protect our customers and their personal information.
"Through this monitoring we identified a second incident, which impacted approximately 576,000 additional accounts.
"There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident. Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials."
The streaming brand is encouraging all Roku account owners to...