Roku says this after the cyberattack that compromised 576,000 streaming accounts
Roku addresses security breach affecting 576,000 accounts, implements password resets and two-factor authentication for all users. Second such breach this year.
On Friday night, US-based streaming service giant, Roku revealed that approximately 576,000 user accounts were compromised in a security breach, marking the second such breach this year.
The first breach had impacted 15,000 accounts. Roku’s blog post detailed that unauthorized access was obtained through stolen login credentials.
The attackers’ method used in this case is known as “credential stuffing” where hackers gain entrance to numerous accounts, using login details which they obtained during a previous data breach. Such individuals typically use the same password for various online platforms, which is, in turn, exploited by hackers.
ALSO READ| Tesla FSD navigated 13-mile journey to Emergency Room to save a man, Elon Musk responds
Roku claims customer's information is safe with them
More investigations from the Roku side show that the stolen credentials came from a separate data breach of another service. The company assured users, “There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident.”
Despite the large number of accounts affected, the actual financial impact was limited to fewer than 400 cases where the intruders made unauthorized purchases.
The streaming service giant has taken steps to reverse these charges and is issuing refunds to all impacted parties. “These malicious actors were not able to access sensitive user information or full credit card information,” they wrote in the revealed statement.
In response to the breach, Roku has automatically reset the passwords of affected accounts. The company will also reach out to those users directly. As an additional security measure, Roku is rolling out two-factor authentication for all accounts, which involves a verification step on a secondary device whenever a login attempt is made.
ALSO READ| Donald Trump's Truth Social's future doesn't look that good. Here's why
Currently, Roku hosts a user base of over 80 million and is taking these incidents seriously. The company expressed its regret over the breaches and the inconvenience caused to its customers, claiming that account security remains a paramount concern.
“We sincerely regret that these incidents occurred and any disruption they may have caused. Your account security is a top priority, and we are committed to protecting your Roku account,” the statement read.
The aftermath of the announcement saw Roku’s stock price fall by nearly 3%,