Roku launches countermeasures after nearly 600K accounts were hacked

Roku said hackers used 'credential stuffing' to access 591,000 accounts over two separate instances. In response, Roku has reset passwords for impacted accounts and added two-factor authentication for 80 million-plus accounts.

Jeff Baumgartner, Senior Editor

April 12, 2024

2 Min Read
Padlock being opened against a digital background cybersecurity
(Source: Kiyoshi Takahase Segundo/Alamy Stock Photo)

Roku said Friday it is resetting some passwords and implementing two-factor authentication for its 80 million-plus accounts following a hack that originated with about 15,000 Roku user accounts.

Roku took those measures after determining that "unauthorized actors" had accessed those accounts using login credentials stolen from another source via a method called "credential stuffing" – an automated cyberattack in which stolen usernames and passwords from one platform are used to access the accounts of other platforms.

"We concluded at the time that no data security compromise occurred within our systems, and that Roku was not the source of the account credentials used in these attacks," Roku explained in this post about the incident.

After concluding its investigation on the initial incident, Roku said it notified affected customers in early March and continued to monitor the situation. Amid that monitoring, Roku said it identified a second incident that impacted about 576,000 additional Roku accounts, and determined that it was likely that the login credentials used for that round were taken from another source.

Few hacked accounts used to make purchases

Roku also found that, in less than 400 cases, the hackers who logged in with purloined credentials used them to make unauthorized purchases of streaming service subscriptions and Roku hardware products using payment methods stored in those accounts. Roku also stressed that the hackers did not gain access to any "sensitive information, including full credit card numbers or other full payment information."

In addition to resetting passwords for all affected accounts and enlisting two-factor authentication for all accounts, Roku is also refunding or reversing charges for the small number of accounts that were used to make unauthorized purchases.

Roku shares were down $1.69 (-2.74%) to $60.26 each in mid-day trading Friday.

Roku is far from alone in being the target of cybercriminals in recent months. Others that have dealt with breaches include AT&T, Comcast, T-Mobile, Lumen and Dish (now part of EchoStar).

About the Author

Jeff Baumgartner

Senior Editor, Light Reading

Jeff Baumgartner is a Senior Editor for Light Reading and is responsible for the day-to-day news coverage and analysis of the cable and video sectors. Follow him on X and LinkedIn.

Baumgartner also served as Site Editor for Light Reading Cable from 2007-2013. In between his two stints at Light Reading, he led tech coverage for Multichannel News and was a regular contributor to Broadcasting + Cable. Baumgartner was named to the 2018 class of the Cable TV Pioneers.

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like