Roku says this after the cyberattack that compromised 576,000 streaming accounts - Hindustan Times
close_game
close_game

Roku says this after the cyberattack that compromised 576,000 streaming accounts

Apr 13, 2024 10:25 AM IST

Roku addresses security breach affecting 576,000 accounts, implements password resets and two-factor authentication for all users. Second such breach this year.

On Friday night, US-based streaming service giant, Roku revealed that approximately 576,000 user accounts were compromised in a security breach, marking the second such breach this year.

The Roku company logo is displayed on a building in Austin, Texas, U.S. REUTERS/Mike Blake/File Photo(REUTERS)
The Roku company logo is displayed on a building in Austin, Texas, U.S. REUTERS/Mike Blake/File Photo(REUTERS)

The first breach had impacted 15,000 accounts. Roku’s blog post detailed that unauthorized access was obtained through stolen login credentials.

Unlock exclusive access to the latest news on India's general elections, only on the HT App. Download Now! Download Now!

The attackers’ method used in this case is known as “credential stuffing” where hackers gain entrance to numerous accounts, using login details which they obtained during a previous data breach. Such individuals typically use the same password for various online platforms, which is, in turn, exploited by hackers.

ALSO READ| Tesla FSD navigated 13-mile journey to Emergency Room to save a man, Elon Musk responds

Roku claims customer's information is safe with them

More investigations from the Roku side show that the stolen credentials came from a separate data breach of another service. The company assured users, “There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident.”

Despite the large number of accounts affected, the actual financial impact was limited to fewer than 400 cases where the intruders made unauthorized purchases.

The streaming service giant has taken steps to reverse these charges and is issuing refunds to all impacted parties. “These malicious actors were not able to access sensitive user information or full credit card information,” they wrote in the revealed statement.

In response to the breach, Roku has automatically reset the passwords of affected accounts. The company will also reach out to those users directly. As an additional security measure, Roku is rolling out two-factor authentication for all accounts, which involves a verification step on a secondary device whenever a login attempt is made.

ALSO READ| Donald Trump's Truth Social's future doesn't look that good. Here's why

Currently, Roku hosts a user base of over 80 million and is taking these incidents seriously. The company expressed its regret over the breaches and the inconvenience caused to its customers, claiming that account security remains a paramount concern.

“We sincerely regret that these incidents occurred and any disruption they may have caused. Your account security is a top priority, and we are committed to protecting your Roku account,” the statement read.

The aftermath of the announcement saw Roku’s stock price fall by nearly 3%,

SHARE THIS ARTICLE ON
Share this article
SHARE
Story Saved
Live Score
OPEN APP
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Saturday, May 25, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On