Roku Says More Than 500,000 Accounts Were Compromised in Cyberattack
On Friday , Roku confirmed that the cyberattack had compromised about 576,000 accounts. This is the second such cyberattack to hit the company, which compromised a smaller number of accounts earlier this year.
What’s going on in Roku?
Roku says it detected “an increase in unusual account activity” earlier this year. After conducting an audit, the company discovered that attackers had hacked about 15,000 Roku accounts.
However, this was not due to a security breach in Roku’s systems. Instead, the attackers obtained usernames and passwords for these accounts through third parties, likely through sources that leak stolen credentials online. They didn’t necessarily know that these usernames and passwords were for Roku accounts; rather, they were engaging in what is known as “credential stuffing,” an automated process in which they try to log into popular types of accounts with stolen credentials until they hit a winning combination. It so happened that they first got 15,000 accounts before moving on to bigger wins.
Roku says it continued its investigation following this incident and in the process discovered an additional 576,000 compromised accounts. Roku still believes that the credentials for these accounts were taken from somewhere else, and even speculates that they may have been taken from accounts where users had the same username and password. ( Don’t reuse your passwords , guys.) So, the company likely doesn’t have any security issues at this time.
What to do if your Roku account is affected
Since Roku has more than 80 million active accounts, the likelihood that yours is among a fraction of the percentage of affected users is slim. However, Roku says it has reset passwords for all users affected by this attack. If criminals made a payment using your account, Roku will refund your money. The company says no financial information was stolen in the attack, so you can keep your credit cards for now. This also affected a small number of users (less than 400 cases).
The company has also enabled two-factor authentication (2FA) for all affected accounts. This is good: 2FA requires access to a trusted device or phone number to complete the login after entering the password. Even if your credentials leak online, attackers won’t be able to log into your account without access to, say, your smartphone, greatly reducing the likelihood of a hack. If you don’t already have 2FA set up on your Roku account (or any other account that offers it), be sure to do so as soon as possible .
Luckily, no more users were affected by the attacks, but the incident does shed light on how important it is to stay on top of your digital security. Simple steps such as using strong and unique passwords for all accounts and setting up 2FA whenever possible can prevent your accounts from being hacked.