In a recent set of events, streaming giant Roku has disclosed an eminent security breach affecting over half a million user accounts. Following a recent data breach, Roku has uncovered additional compromised accounts, totaling approximately 576,000 users affected by the breach.
Security Breach Details
Last month, Roku announced that around 15,000 customers might have had their sensitive information, including usernames, passwords, and credit card details, stolen by hackers. These stolen credentials were then utilised to gain unauthorised access to other streaming platforms and even to purchase streaming gear from Roku’s website. Subsequently, the compromised Roku accounts were sold on the dark web for a mere $0.50 each.
Method of Attack
The hackers employed a tactic known as “credential stuffing” to gain access to the jeopardised accounts. This method relies on using stolen usernames and passwords from other data breaches to gain unauthorised access to various accounts. It highlights the importance of avoiding password reuse across different platforms, no matter how convenient the idea of having one go-to password may seem.
Proactive Measures by Roku
Roku took proactive steps in response to the security incidents. While investigating the initial breach, the company discovered a second similar incident affecting over 500,000 additional accounts. Roku clarified that th
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.