Roku says it experienced second ‘credential stuffing’ incident

In another cyber incident, malicious actors broke into more than 500,000 Roku accounts without permission.

The video streaming company said on Friday that the latest “credential stuffing” attack, on 576,000 accounts, was uncovered during efforts to “closely monitor account activity.” These efforts were prompted by previous breaches.

In the first incident, malicious actors illegally compromised 15,300 accounts through that tactic. Roku informed users about the incident in March.

The company said that no sensitive personal data or complete payment information was compromised in either incident.

“There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in any of the incidents,” the company said Friday. “Rather, the login credentials used in these attacks were likely obtained from another source, such as another online account, and the affected users may have been using the same credentials.”

In fewer than 400 instances, the attackers used stored payment information to purchase streaming service subscriptions and hardware. The streaming company says such accounts will receive refunds.

Roku said account security is a “top priority” for the company.

“We have put in place a number of controls and countermeasures to detect and prevent future credential stuffing incidents.” According to Roku, these efforts included password resets for affected users and two-factor authentication for all customers using the service.

The two breaches affected a “small portion” of its total users, the company said. In the fourth quarter, it reported 80 million active accounts totaling 29.1 billion streaming minutes.

Other companies have also faced credential stuffing incidents in recent months. For example, DNA testing company 23andMe attributes its October breach to this tactic.

In January, an Allianz Commercial report identified cyber incidents as the “biggest business risk” in 2024. Of the more than 3,000 companies that participated in the survey, including risk management professionals from corporate clients and industry groups, more than one-third said various types of cyber incidents pose the greatest risk.
