Roku Cyberattack Affects 576,000 Customers

The attack marks Roku’s second security breach this year

Scarlett Evans, Assistant Editor, IoT World Today

April 15, 2024

1 Min Read
Roku signage
Getty

Roku has disclosed a cybersecurity incident that impacted around 576,000 customer accounts, in the second major security breach for the company this year.

In a blog post, the streaming television company said hackers accessed the accounts using stolen login credentials.

The breach was discovered after Roku ramped up its monitoring of account activity, following an attack earlier in the year that impacted 15,000 accounts.

The initial attack took place in March and was found to have resulted from “credential stuffing,” which sees bad actors use login details stolen from other sites to attempt to breach other systems. 

Since then Roku discovered a second incident which impacted 576,000 additional accounts.

In its statement, Roku said there was “no indication” that its systems were compromised in the incident. 

“Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials,” the blog reads.

In response, Roku said it is implementing “a number of controls and countermeasures” to detect and deter future credential stuffing incidents. 

These measures include resetting passwords for all affected customers and refunding or reversing charges for those compromised accounts where hackers made purchases. Two-factor authentication has also been enabled for all accounts, not just those the hack compromised.

Related:Vans Parent Company Cyberattack Impacts 35M

“We also want to reassure customers that these malicious actors were not able to access sensitive user information or full credit card information,” the company statement said. 

“We sincerely regret that these incidents occurred and any disruption they may have caused. Your account security is a top priority, and we are committed to protecting your Roku account.”

About the Author

Scarlett Evans

Assistant Editor, IoT World Today

Scarlett Evans is the assistant editor for IoT World Today, with a particular focus on robotics and smart city technologies. Scarlett has previous experience in minerals and resources with Mine Australia, Mine Technology and Power Technology. She joined Informa in April 2022.

Sign Up for the Newsletter
The most up-to-date news and insights into the latest emerging technologies ... delivered right to your inbox!

You May Also Like