Dan Ives, managing director of equity research at Wedbush, looks back at the “Golden Age of Cybersecurity” in “The Claman Countdown.”
Roku told two state attorney general’s offices that malicious parties may have illegally hacked into thousands of Roku accounts.
In a data breach notification to the Maine Attorney General’s Office, the video streaming company estimated the number of accounts affected by the breach to be more than 15,300. Those customers were informed of the situation by letter on Friday.
The “unauthorized attacker” changed the login details of the compromised account after using a username and password likely obtained “from a third-party source.” These usernames and passwords, Roku believed, “were being used as such third-party sources and certain individuals’ her Roku login information.” In a customer notification letter, Roku says he needs access to his “account.”
The company suggested that the attackers obtained the login combination “through a data breach of a third-party service unrelated to Roku.” The information was reportedly sold or hackers used the stored credit card information to sign up for streaming services connected to the device.
CLICK HERE TO GET FOX BUSINESS ON THE GO
Roku says the latest wave of layoffs will affect 6% of its workforce. (Tiffany Hagler-Geard/Bloomberg via Getty Images/Getty Images)
The letter is published on the websites of both the Maine and California attorneys general.
Roku said it did not access sensitive personal information such as Social Security numbers, full payment account numbers, or dates of birth for compromised account holders.
| ticker | safety | last | change | change % |
|---|---|---|---|---|
| Roku | Roku Co., Ltd. | 64.13 | -0.28 | -0.43% |
However, the attackers attempted to use Roku accounts to sign up for paid streaming subscriptions in “limited cases,” the company said in the letter.
The Roku app on a TV in Hastings-on-Hudson, New York on July 25, 2023. (Tiffany Hagler-Geard/Bloomberg via Getty Images/Getty Images)
The company became aware of the incident between January 4 and February 21, according to a data breach notification filed in the state of Maine. The breach itself occurred between December 28th and February 21st.
“In response, we are taking immediate steps to secure these accounts and are notifying affected customers,” a Roku spokesperson told FOX Business on Tuesday. “Roku is committed to maintaining customer privacy and security, and we take this incident very seriously.”
Comcast announces customer data may have been compromised due to XFINITY cybersecurity incident
Roku told customers in writing: “We protect accounts from further unauthorized access by requiring registered account holders to reset their passwords, and we investigate account activity to determine whether fraudsters have incurred charges. “We have taken steps to cancel the fraudulent subscription and provide a full refund.” Unauthorized billing. ”
Roku company logo in front of Roku headquarters, November 18, 2022, San Jose. (Justin Sullivan/Getty Images/Getty Images)
The company’s security team “continues to actively monitor for signs of suspicious activity to ensure all customer information and data remains secure,” the letter said.
Click here to read more on FOX Business
Roku’s total number of active accounts increased to 80 million in the fourth quarter. According to the company, these accounts contributed to his 29.1 billion hours of streaming during his three-month period and the 106 billion hours his Roku accounts watched over the course of the year.
