Roku says 576,000 accounts breached in cyberattack

1 month ago 13

(CNN) — About 576,000 Roku accounts were compromised in a cyberattack, the company said on Friday, the second security breach for the streaming service this year.

Hackers gained access to user accounts through stolen login credentials, Roku said in a blog post. The security breach was discovered while Roku monitored account activity after a cyberattack affected 15,000 accounts earlier this year.

In each instance, fraudsters used a cyberattack method known as credential stuffing: Hackers try login and password information leaked in one data breach on a variety of users’ accounts, exploiting people who use the same credentials across different accounts. (Experts recommend people use different passwords for each of their online accounts.)

Credentials used to access Roku accounts were likely from a data breach on a different site, the company said in a statement.

“There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident,” the company said.

In fewer than 400 cases, hackers used Roku accounts to make p...

Read Entire Article