Roku Says 576,000 Streaming Accounts Were Compromised in Data Breach 

The new cracks were found during the investigation of another incident last month that compromised 15,000 accounts 

Roku Logo Outside San Jose, California, Headquarters
Justin Sullivan/Getty Images

Roku says it discovered a data breach impacting 567,000 accounts, which the streaming platform found while investigating a security breach last month that compromised 15,000 users.

“After concluding our investigation of this first incident, we notified affected customers in early March and continued to monitor account activity closely to protect our customers and their personal information,” the company wrote in a statement. “Through this monitoring, we identified a second incident, which impacted approximately 576,000 additional accounts.”

Additionally, the company noted that they would implement a number of “controls and countermeasures to detect and deter future credential stuffing incidents.”

Roku is notifying the customers impacted by the data breach directly, while also resetting the passwords for all affected accounts. The company is also enabling a two-factor authentication for all Roku accounts. 

“We also want to reassure customers that these malicious actors were not able to access sensitive user information or full credit card information,” the company wrote. 

In the data breach, the attack utilized a technique called “credential stuffing” with the accounts compromised by hackers that obtained login data from other sources.

“Your account security is a top priority, and we are committed to protecting your Roku account,” the company concluded. 

Comments