there is in many months. While investigating a previous incident in which 15,000 accounts were affected, the company learned that another 576,000 accounts had been compromised.
In both cases, Roku believes the attackers used a technique called credential stuffing. “It is likely that the login credentials used in these attacks were obtained from another source, such that the affected users may have used the same credentials.”
Roku added that in less than 400 cases, attackers used victims’ Roku accounts to purchase streaming subscriptions and Roku devices using stored payment methods. However, the hackers did not gain access to full credit card numbers or other payment information.
The company has reset passwords for all affected accounts and informed users. The company is also rolling out two-factor authentication for more than 80 million active accounts. You will receive a verification email the next time you log in. You must click the link in the email to access your account. In the meantime, Roku said that in cases where hackers purchased subscriptions or hardware, payments were refunded or recovered.
While the impact of this latest breach may not seem catastrophic, it’s a reminder that you should have a strong, unique password for each of your accounts. A You only need to remember one master password or log in using biometrics, making it much easier to have valid login credentials.
This article contains affiliate links; we may earn a commission if you click on such a link and make a purchase.