Streaming giant Roku has confirmed its second security incident in as many months, this time hackers were able to compromise more than 500,000 Roku user accounts.

The company said in a statement on Friday that approximately 576,000 user accounts were accessed through a technique called credential stuffing, in which malicious hackers use usernames and passwords stolen from other data breaches and repeated on other websites Use login information.

Roku said that in fewer than 400 account breaches, malicious hackers used payment data stored in user accounts to fraudulently purchase Roku hardware and streaming subscriptions. Roku said it has refunded customers affected by the account compromise.

The company, which has 80 million customers, said malicious hackers “were unable to access sensitive user information or complete credit card information.”

Roku said it discovered the second incident when it notified about 15,000 Roku users that their accounts had been compromised in a previous credential stuffing attack.

Following the security incident, Roku said it has rolled out two-factor authentication to users. Two-factor authentication prevents credential stuffing attacks by adding an extra layer of security to online accounts. By prompting users to enter a time-sensitive code along with a username and password, malicious hackers are unable to break into a user’s account using only a stolen password.

#Roku #user #accounts #hacked #security #incident

Leave a Reply

Your email address will not be published. Required fields are marked *