We may earn money when you buy through our links.
1 min readFor over 11 years, SafeWise experts have conducted independent research and testing to create unbiased, human reviews. Learn how we test and review.
Image: hapabapa, iStock
Over the weekend, we saw a perfect example of why you need unique passwords for everything.
Roku smart TVs and streaming are in the homes of 80 million active users. But over the weekend, an unlucky 576,000 were targeted by the cyberattack. While Roku says that fewer than 400 of these accounts were used to make unauthorized purchases, it's theorized that the attack used a method called "credential stuffing."
The attack, which began on Friday with approximately 15,000 accounts compromised, escalated over the weekend, affecting over 575,000 users. Roku suspects this assault employed "credential stuffing," where hackers utilize stolen credentials from one source and attempt to use them across multiple accounts.
Although Roku has confirmed that fewer than 400 compromised accounts were utilized to make unauthorized purchases, the company asserts that sensitive information, such as full credit card numbers, remained inaccessible to the attackers. In response to the breach, Roku has taken decisive action by refunding affected customers for any unauthorized transactions and implementing two-factor authentication (2FA) for all Roku accounts.
A spokesperson for Roku emphasized the importance of maintaining strong and unique passwords for online accounts. They stated, "Earlier this year, Roku's security monitoring systems detected an increase in unusual account activity. After a thorough investigation, we determined that unauthorized actors had accessed about 15,000 Roku user accounts using login credentials (i.e., usernames and passwords) stolen from another source unrelated to Roku through a method known as 'credential stuffing.'"
Roku advises users to remain vigilant and to monitor their accounts for any suspicious activity or unauthorized purchases. In case of doubt, users are encouraged to reach out to Roku customer support for assistance.
Additionally, users are urged to be cautious of emails, news, or correspondence that may appear to be from Roku, as cybercriminals often use phishing tactics to deceive unsuspecting individuals.
Subscribe to SafeWise for updates on safety news, product releases, and deals!
