Roku suffered a cyber attack that accessed 576 thousand user accounts

Content streaming company Roku has confirmed that it was the victim of a major cyber attack last Friday (12). The discovery came during an investigation into another minor infestation the company suffered.

Vulnerability exploited by unauthorized persons It resulted in the access information of 576 thousand accounts being revealed in all. Predictions for the first attack are as follows: 15 thousand profiles were affected.

Attackers gained access to accounts using a method known as . filling out credentials — or filling out identification information with free translation into Portuguese. This is the technique used by a cybercriminal. tests data from previous leaks to force login on other platforms. If a person repeats the access code on more accounts, their profile may be compromised.

In the Roku case they “Less than 400 cases” An attack where attackers can make unauthorized purchases within the service, such as subscribing to a streaming service or purchasing TV sticks from the company, using cards saved in the settings.

However, according to the company; In no case was customer financial data accessed or stolen.

What the company said about the case

In an official corporate blog post, Roku confirmed the details of the cyberattack and said: Force reset the password of affected accountsso only account holders can reset the code.

Room forced activation two factor authentication for all users There is an account in the service and configuration is required on first access using this new method.

Roku also claims that this was not the source of the initial data used to force sign-in to accounts. However, he did not disclose whether he knew the source of the stolen identity information.

“Finally, we sincerely regret that these events occurred and any disruption that may have occurred. The security of your account is a top priority and we are committed to protecting it,” the official note reads.

As a hint, the company has strengthened the recommendation for users Have a unique password for each serviceIncluding Roku. Also, it is important Watch out for suspicious notifications regarding account access or so-called messages from malicious individuals posing as support for the company.