NewsNational NewsScripps News


Roku hit with another cyberattack, exposing 576,000 accounts' data

Last month, the company announced more than 15,000 accounts had been impacted by a first breach that included fraudulent purchases in some cases.
Roku hit with another cyberattack, exposing 576,000 accounts' data
Posted at 5:58 PM, Apr 15, 2024

Roku has been hit by another cyberattack, this time affecting nearly 40 times more accounts than did a similar incident earlier this year. 

The streaming company said Friday that it had identified a second security breach involving 576,000 customers as it was monitoring account activity after the first cyberattack, which affected 15,363 accounts.

In both incidents, Roku said hackers used a tactic known as "credential stuffing," meaning the unauthorized actors took username and password combinations leaked in other breaches to attempt to log into Roku's platform. This method targets those who use the same login information on multiple platforms, so it wasn't an attack on or within the Roku system itself.

"There is no indication that Roku was the source of the account credentials used in these attacks or that Roku's systems were compromised in either incident," the company said in a statement.

In fewer than 400 cases of breached accounts, hackers used stored payment information to purchase streaming service subscriptions and Roku hardware products, but the company said sensitive information like full credit card numbers was not accessed.

The announcement comes just over a month after Roku announced its first data breach of the year. On March 8, the company told impacted customers that hackers had changed some users' login credentials and, in certain cases, made purchases with stored payment data. Bleeping Computer reported then that the fraudsters were selling stolen account data for as little as $0.50 on a hacking marketplace, giving buyers access to the stored financial data on each profile. 

SEE MORE: Roku data breach compromises 15,363 accounts. Here's what to know

The company said it has since forced a password reset for the 591,363 accounts affected in the two breaches, and it's refunding or reversing the purchases hackers made on customer accounts. 

But Roku is also enacting a new security step for all users, not just those whose data was involved in the breach. All accounts are now fitted with two-factor authentication, requiring users to click on an emailed verification link anytime they try to log into their Roku account.

The company said it's notified those who were impacted in the breach, but still, it recommends all Roku users make sure they have strong, unique passwords and that they stay vigilant and informed about suspicious activity or known data breaches

"We sincerely regret that these incidents occurred and any disruption they may have caused," the company said in a statement. "Your account security is a top priority, and we are committed to protecting your Roku account."

The overall number of impacted users is small when compared to Roku's 80 million active accounts. However, the brunt of the attack was still felt within the company, as its stock came down nearly 3% since announcing the breach, per CNN and Reuters.

Trending stories at