Roku, the maker of SmartTV and streaming devices, said Friday that about 576,000 user accounts were compromised in the second cyberattack to hit the company this year.
The company said in a blog post that it detected the new breach while it closely monitored user activity after a different attack breached 15,000 accounts earlier this year.
Roku believes that in both cases, hackers accessed users’ login credentials via a method called “credential stuffing.” The practice is a type of automated cyberattack in which hackers use stolen usernames and passwords from one platform to try to log in to other platforms. The method puts people who use the same credentials for multiple services at the greatest risk.
“We concluded at the time that no data security compromise occurred within our systems, and that Roku was not the source of the account credentials used in these attacks,” the company said. “Rather, it is likely that login credentials used in these attacks were taken from another source.”
There were fewer than 400 cases in which the hackers actually used the stolen login credentials to make unauthorized purchases of streaming service subscriptions and Roku devices with payment methods saved on those accounts. Roku said that no sensitive information, including full credit card details, was exposed in the breaches.
How Roku is protecting users
- 🧑‍💻 The company notified all affected users directly and reset their passwords.
- 💸 Roku has also refunded and reversed all charges made by the hackers.
- 🕵️‍♂️ And the company has enabled two-factor authentication for all Roku accounts, even those unaffected by the breaches, to ensure account security. The next time users log in to their accounts, they will be emailed a verification link to get access.