Roku has disclosed a second security breach in two months, revealing that hackers compromised over 576,000 customer accounts. The compromise of Roku customer data was carried out through credential stuffing, a technique in which attackers use credentials stolen elsewhere to gain unauthorized access to additional accounts.
In fewer than 400 cases, the cybercriminals used the payment information saved in the hijacked accounts to make illegal purchases of Roku hardware and streaming subscriptions, Roku revealed in a statement on Friday. The company assured affected users that they had been reimbursed for these fraudulent transactions.
Despite the incident, Roku assured its 80 million subscribers that the hackers could not access private user data or complete payment card information, according to TechCrunch.
Earlier Data Breach Impacted 15,000 Users
When Roku discovered this most recent problem, it was in the midst of alerting nearly 15,000 Roku customers about an earlier credential stuffing attempt.
According to a TechTimes report, the earlier breach, revealed in March, gave hackers access to stored credit card information, enabling them to make unauthorized transactions and sell hundreds of hacked accounts online.
The details emerged in records the TV streaming firm filed with the Maine and California attorneys general, according to reports released on Friday. The public records reveal that the breach impacted a total of 15,363 accounts between December 28, 2023, and February 21, 2024.
The filed documents state that hackers bypassed Roku's internal safeguards and took over the accounts by using login credentials they had obtained from other sources. In credential stuffing, threat actors take username and password pairs exposed in previous data breaches and replay them against other systems, relying on users having reused the same password.
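The attack pattern described above leaves a characteristic trace in login logs: a single source trying many different accounts, failing on most of them, and succeeding only where a password was reused. The following detector is an added example, not code from Roku or from this article; the log line format and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample login events (not from Roku). Assumed format:
#   <timestamp> ip=<source address> user=<account> result=<ok|fail>
# 203.0.113.7 replays leaked credentials against six accounts and lands one;
# the other two sources are ordinary logins (one typo, then success).
SAMPLE_LOG = """\
2024-01-03T10:00:01Z ip=203.0.113.7 user=alice result=fail
2024-01-03T10:00:02Z ip=203.0.113.7 user=bob result=fail
2024-01-03T10:00:02Z ip=203.0.113.7 user=carol result=ok
2024-01-03T10:00:03Z ip=203.0.113.7 user=dave result=fail
2024-01-03T10:00:03Z ip=203.0.113.7 user=erin result=fail
2024-01-03T10:00:04Z ip=203.0.113.7 user=frank result=fail
2024-01-03T10:01:10Z ip=198.51.100.20 user=alice result=fail
2024-01-03T10:01:25Z ip=198.51.100.20 user=alice result=ok
2024-01-03T10:02:00Z ip=198.51.100.33 user=bob result=ok
"""

LINE_RE = re.compile(r"ip=(\S+) user=(\S+) result=(ok|fail)")


def detect_credential_stuffing(log_text, min_accounts=5, max_success_ratio=0.5):
    """Return {source_ip: stats} for sources whose login pattern looks like
    credential stuffing: many distinct accounts tried from one address with a
    low success ratio. The 'successes' list names accounts that should be
    treated as compromised (the reused-password hits), which is where a
    password reset and a 2FA prompt belong."""
    per_ip = defaultdict(lambda: {"accounts": set(), "ok": 0, "fail": 0, "hits": set()})
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # skip lines that do not match the assumed format
        ip, user, result = m.groups()
        stats = per_ip[ip]
        stats["accounts"].add(user)
        if result == "ok":
            stats["ok"] += 1
            stats["hits"].add(user)
        else:
            stats["fail"] += 1

    flagged = {}
    for ip, stats in per_ip.items():
        total = stats["ok"] + stats["fail"]
        ratio = stats["ok"] / total
        if len(stats["accounts"]) >= min_accounts and ratio <= max_success_ratio:
            flagged[ip] = {"accounts_tried": len(stats["accounts"]),
                           "successes": sorted(stats["hits"])}
    return flagged
```

Thresholds are assumptions to tune per service; the point is that per-account lockouts miss this pattern because each account sees only one attempt, so the aggregation has to be per source.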
Roku Users Urged to Create Stronger Passwords
Roku users were locked out of their accounts on the TV streaming platform, which allowed the threat actors to use the stored credit card information for purchases without order confirmation emails reaching the legitimate account holders.
Given these security concerns, Roku users are urged to enable two-factor authentication, which requires a time-sensitive code in addition to the login credentials. This makes credential stuffing against a user account far harder, since a leaked password alone is no longer enough to log in.
Roku asks its customers to "be vigilant," noting any "suspicious communications appearing to come from the company, such as requests to update your payment details, share your username or password, or click on suspicious links." Roku recommends a "strong, unique password" for user accounts, per CBS News.
"We sincerely regret that these incidents occurred and any disruption they may have caused," it said. "Your account security is a top priority, and we are committed to protecting your Roku account."