Roku alerted its 80 million users about the incident, reset their passwords and enabled two-factor authentication. The company’s statement stated that attackers were able to hack accounts using credential stuffing, which allowed them to take over accounts of other services using leaked usernames and passwords.
There have been nearly 400 cases so far where fraudsters were able to use data from hacked accounts to purchase subscriptions to streaming platforms and merchant devices; For this purpose, payment methods registered in the accounts were used. But hackers were still unable to obtain debit card numbers and other payment data.
Roku has promised to cancel subscriptions if it turns out that the subscriptions were purchased from an account by a fraudster and not by the owner; The company also promises to compensate users for their losses.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
