Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Broadcasting & Cable
Broadcasting & Cable
Business
Daniel Frankel

Roku Hit By Another Security Breach, This Time 576,000 Accounts Were Compromised

Roku headquarters in San Jose, Calif. .

Roku said that after investigating a security breach that was reported in early March, it detected a second, larger intrusion that involved around 576,000 accounts. 

The streaming company released a statement on the matter Friday. 

Once again, the security breach involved "credential stuffing," whereby hackers who have already stolen user names and passwords knock on the door of Roku accounts, hoping users abide by the bad habit of using the same credentials for multiple services. 

"There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident," Roku said in its Friday statement. "Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials. In less than 400 cases, malicious actors logged in and made unauthorized purchases of streaming service subscriptions and Roku hardware products using the payment method stored in these accounts, but they did not gain access to any sensitive information, including full credit card numbers or other full payment information."

In addition to resetting passwords for affected users, Roku said it will now adopt two-factor authentication. 

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.