Newsletter
Cyberattacks come in all different shapes and sizes, and they affect several types of companies. Over the past couple of months, Roku has been dealing with a massive cyberattack that has affected more than half a million subscribers. The company is still picking up the pieces after the attack, and it is informing customers who may have been affected.
This is a pretty big deal for the company as it has been dealing with another cyberattack that happened not too long ago. At the beginning of March, the company had to tell 15,000 of its users that their accounts may have been compromised. The threat actor used a tactic called “Credential Stuffing” to gain access to the accounts. This is when an attacker uses credentials from one person’s account and attempts to log into other accounts that may share those credentials.
Roku is going through a massive cybersecurity attack
As if things couldn’t get any worse, the company notified its users about a secondary wave of attacks. In this secondary attack, the company concluded that more than 576,000 accounts fell victim. That’s no small number, even though it pales in comparison to the 80 million subscribers that Roku has.
While the attack affected many accounts, Roku confirmed that the login credentials did not come from it. The threat actors were able to affect Roku accounts, however, this was not the result of threat actors hacking into Roku’s databases and stealing credentials. That doesn’t make the situation much better, but it takes some of the heat off of Roku.
Of the hundreds of thousands of affected accounts, around 400 accounts were, unfortunately, negatively affected. According to the report, within those 400 accounts, threat actors were able to log in and make purchases through Roku. So, these users lost money because of this attack. Be that as it may, Roku assured its users that the threat actors were not able to gain access to sensitive information from these accounts such as full credit card numbers.
In response to this, Roku has reset the passwords for all of the users affected, and it enabled mandatory two-factor authentication. Because of this attack, all accounts must use two-factor authentication.