Business

Roku says it experienced second ‘credential stuffing’ incident

Bad actors entered more than half a million Roku accounts without permission in another cyber incident.

The video streaming company said Friday the latest “credential stuffing” attack of 576,000 accounts came to light in the midst of its efforts to “monitor account activity closely.” Those had been prompted by a prior breach. 

TickerSecurityLastChangeChange %
ROKUROKU INC.58.94-0.96-1.60%

The first incident saw bad actors illegally getting into 15,300 accounts through that tactic. Roku let those users know about that incident in March.

ROKU HACKERS BREACH 15,000 ACCOUNTS, USED DATA TO SUBSCRIBE TO STREAMING SERVICES

Sensitive personal data and full payment information did not get exposed in either incident, according to the company.

Roku remote in front of TV

Roku says the latest wave of job cuts will impact 6% of its workforce. (Tiffany Hagler-Geard/Bloomberg via Getty Images / Getty Images)

“There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident,” the company said Friday. “Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials.”

The bad actors did take advantage of stored payment information in less than 400 instances, buying streaming service subscriptions and hardware. Such accounts will get refunds, the streaming company said.

Roku headquarters sign is seen in San Jose, California

 Roku’s company logo is seen in front of Roku headquarters on Nov. 18, 2022 in San Jose, California.  (Justin Sullivan/Getty Images / Getty Images)

Roku said account security was a “top priority” for the company.

COMCAST SAYS XFINITY CYBERSECURITY INCIDENT MAY HAVE COMPROMISED CUSTOMER DATA

It is “implementing a number of controls and countermeasures to detect and deter future credential stuffing incidents.” Those efforts included password resets for impacted users and two-factor authentication for every customer that uses its service, according to Roku.

The pair of breaches hit a “small fraction” of its total users, it said. In the fourth quarter, it reported 80 million active accounts collectively responsible for 29.1 billion streaming hours.

The Roku app on a television in Hastings-On-Hudson, New York, US, on Tuesday, July 25, 2023. Roku Inc. is scheduled to release earnings figures on July 27. (Tiffany Hagler-Geard/Bloomberg via Getty Images / Getty Images)

Other companies have faced credential stuffing incidents in recent months. For example, DNA-testing company 23andMe attributed an October breach to the tactic.

RISK OF CYBER INCIDENTS WEIGH HEAVILY ON BUSINESSES FOR 2024, REPORT FINDS

In January, an Allianz Commercial report identified cyber incidents as 2024’s “top business risk.” Of the over 3,000 customer businesses, industry trade organizations risk management professionals and others that participated in the survey, over one-third said cyber incidents of various kinds were the risk weighing on them the most.

Related posts

Mercedes-Benz workers in Alabama vote against union in major blow to UAW

Daily

Best ISA, easy access, and fixed savings accounts this week with interest up to 7% | Personal Finance | Finance

Daily

Pet food company to pay a cat lover $10K to cuddle with kittens, raise support for adoption shelters

Daily

Leave a Comment