News Hub

Roku discovers 576,000 streaming accounts compromised in cyberattack

Written by Thu 18 Apr 2024

Streaming video firm, Roku, has identified a major data breach involving 576,000 accounts, in a cyberattack using the credential stuffing technique.

By using account login information found online, accounts were compromised by hackers. This breach was found after the streaming platform investigated a separate security violation where 15,000 accounts were hacked.

“After concluding our investigation of this first incident, we notified affected customers in early March and continued to monitor account activity closely to protect our customers and their personal information,” said Roku in a statement.

In a blog post on the Roku website, the company said that after monitoring account activity since the first cyberattack was discovered, another larger breach was found. According to Roku, less than 400 examples of hackers making unauthorised purchases on these compromised accounts have been identified. In these cases, attackers were unable to access private payment information, including credit card numbers.

The streaming platform said there was no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident.

“Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials,” explains Roku in a blog post.

Following these attacks, Roku announced all users who had been impacted will have their passwords reset, along with all accounts now requiring two-factor authentication. Hackers who illicitly obtained account passwords will not be able to access accounts that have two-factor authentication turned on, as they would need to enter a time-sensitive code.

Any unauthorised purchases as a result of this breach will also be refunded. With a reported customer base of more than 80 million active accounts, Roku said only a “small fraction” of its customers will be affected.

Join Tech Show London

12-13 March 2025, ExCeL London

Be a part of the latest tech conversations and discover pioneering innovations.

You won’t want to miss one of the most exciting technology events of the year.

Written by Thu 18 Apr 2024

Send us a correction Send us a news tip