More than 15,000 Roku accounts were compromised in a data breach that, in some cases, gave "unauthorized actors" access to customers' stored financial information.
The company disclosed the attack in filings with the Maine and California attorney generals' offices Friday, noting it discovered and investigated the breach from Jan. 1 to Feb. 21. However, the breach began on Dec. 28, 2023.
In a notice to impacted customers, Roku said hackers had seemingly obtained thousands of logins from third-party sources where the same username and password combinations were used. That means it wasn't a hack on the Roku system itself but was likely the result of hackers finding credentials exposed in other company data breaches and checking for the same login uses on Roku.
After gaining access, the company said the hackers changed the affected customers' login information and attempted to purchase streaming subscriptions with the stored credentials in certain cases.
Bleeping Computer, which first reported the breach, said the financial information wasn't just taken to purchase a Netflix account, though. The publication says it found hackers were selling some stolen information for as little as $0.50 per account on a hacking marketplace, giving buyers access to the stored financial data on each profile.
UnitedHealth sets dates to restore hacked systems as fallout continues
A cyberattack on UnitedHealth's Change Healthcare systems left hospitals and pharmacies unable to process claims and deliver medications.
Luckily, the "unauthorized actors" did not gain any full payment account numbers, social security numbers, dates of birth or other similar sensitive personal information, Roku said.
And the company told affected customers that it has now secured their accounts from further unauthorized access by requiring each account holder to reset their password. It also said it investigated account activity to make sure the hackers didn't incur any subscription charges, and if they did, Roku said it canceled and refunded them.
The 15,363 impacted accounts are a small number compared to Roku's 80 million active user accounts last year, but if you're concerned your account was affected, the company recommends you reset your password at my.roku.com. It also recommends you review the subscriptions and devices linked to your account and always monitor your account activity for fraud.
