.png){kind=logo}
In the latest breach incident, the popular streaming company Roku has exposed the personal information of over 15,000 of its customers, revealing that the accounts were hacked using stolen login credentials from unrelated data breaches. Roku confirmed that the hackers accessed the accounts of 15,363 US residents in a campaign that lasted from December 28, 2023, to February 21, 2024. The attacks were carried out by gaining access to the login credentials of the affected individuals through data breaches. Some Roku account owners made the mistake of using the same passwords for Roku accounts as they did for multiple other websites. This allowed the hackers easy access to break into Roku accounts and lock out genuine users. The cybercriminals then changed the Roku login information for the affected accounts and, in some cases, attempted to purchase streaming subscriptions. According to Bleeping Computer, hijacked accounts were being sold by cybercriminals for as little as 50 cents each, which is a worrisome trend. Hackers can use these accounts to purchase other items from Roku, using stored credit card details. Roku has claimed that access to the affected accounts did not allow the hackers to access any sensitive personal information such as social security numbers, full payment account numbers, dates of birth, or other similar information. The company has taken the incident "very seriously" and has secured affected accounts from further unauthorized access, forcing users to reset their passwords. To prevent similar attacks from happening in the future, Roku users need to choose strong, impossible-to-guess passwords and avoid reusing the same passwords in different places on the internet. While the users are partly responsible for the security of their Roku accounts, Roku should also take responsibility and provide additional security measures. Interestingly, Roku hasn't offered any form of two-factor authentication (2FA) for its users, which is a common way to improve account security. It's essential to note that credential-stuffing attacks succeed because so many people still make the mistake of reusing the same passwords in different places on the internet. Roku's security team needs to be more vigilant and detect anomalous behavior earlier, instead of letting it continue for months. Roku says its security team continues to monitor for suspicious activity and urges users to remain vigilant of the threat posed by identity thieves. If users have any questions about the breach, they can contact Roku by telephone at 1-816-272-8106 or by email at account-help@roku.com.