Recently, Roku reported a new data leak that affected approximately 576,000 customer accounts through a credential stuffing attack. Nearly 400 accounts were accessed to make unauthorized purchases, prompting the company to reset passwords and implement two-factor authentication for affected accounts. This incident follows a similar attack in early 2024 where 15,000 customer accounts were compromised for fraudulent purchases.
Roku has been proactive in monitoring account activity and protecting customer information. In both attacks, they clarified that their systems were not compromised, and the platform was not the source of the compromised credentials. Despite less than 400 accounts being accessed in the recent attack, Roku has taken steps to ensure customer security. In addition to refunding unauthorized charges and enabling two-factor authentication for all accounts, they advise users to create strong, unique passwords for each account. Users are also urged to remain vigilant for suspicious communications and keep informed about potential threats.
As a preventive measure, Roku has activated two-factor authentication for all accounts to add an extra layer of security. Users will receive a verification link via email to confirm their identity before accessing their accounts. This additional step aims to protect accounts from unauthorized access and safeguard personal information.
Roku is committed to enhancing security measures to prevent future credential stuffing incidents and protect customer data. By resetting passwords, enabling two-factor authentication, and providing security tips to users, the company aims to maintain a safe and secure platform for its customers.
:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/SHZS63UVUVBIHKYXCRRMDXZQHI.jpg)
