X
search

Roku faces a data breach with over 15,000 accounts hacked

Pictured: Hamid Ganji
By Hamid Ganji
March 13, 2024
Featured image for Roku faces a data breach with over 15,000 accounts hacked

Roku’s recent filing with the attorney general in California confirms over 15,000 accounts were impacted by a data breach. Last year, the streaming platform was hit by a hacking group, and some of its most sensitive data was compromised. Back then, it was even said that bad actors could steal user’s credit card information and try to make purchases with them.

Roku has given a complete description of the event in its filing, and if you’re a Roku user, you can read the filing to gain insight into the incident. As per the company’s explanations, the unauthorized actors gained login information from “third-party sources that are unrelated to Roku.”

 Roku hit with a massive data breach

Attackers reportedly changed login information after taking over the account to keep the original account holder out. Roku further explains that attackers could not access data such as “social security numbers, full payment account numbers, dates of birth, or other similar sensitive personal information requiring notification.”

Roku added that the incidents happened on December 28, 2023, and February 21, 2024. After identifying the impacted account, the company prevented further unauthorized access by demanding the account holder reset their password. Canceling unauthorized subscriptions was another step to keep bad actors out of user’s accounts.

To be exact, 15,363 Roku accounts are compromised. The company says the impacted users need to change their account passwords and check the subscriptions and devices linked to their streaming accounts.

You can now buy compromised Roku accounts for a little price

Bleeping Computer was the first to discover the breaching. As the outlet reports, attackers are now selling Roku accounts for as little as $0.50 per account. Each account comes with credit card information so buyers can make illegal purchases. So far, 439 accounts have been sold.

Unfortunately, Roku doesn’t support two-factor authentication for its account, depriving users of an additional layer of security. If you think your account is impacted, be quick to change your password and enter your information on HaveIBeenPwned to check if your data has been leaked online.

  翻译: