More than 15,000 Roku streaming accounts have been breached, revealed the company in a March 8th filing with the Maine Attorney General’s Office.
The hacked accounts were reportedly used to make fraudulent purchases, as suggested by BleepingComputer.
In total, 15,363 users were affected, and according to the filing, the breach occurred between December 28th and February 21st. Roku describes the breach as “Unauthorized individuals using account credentials believed to have been obtained from third-party source(s) were used to access individual customer accounts.”
The threat actors also attempted to sell the stolen account credentials for as little as $0.50 per account. Manny accounts has credit card information stored, allowing the buyers of these accounts to use the stolen credit card information to make illegal purchases.
According to Roku, it concluded 2023 with 80 million active user accounts, so 15,363 breached accounts is only 0.02 percent of its total user base.
Roku said that it secured all the impacted accounts by forcing a hard password reset requirement according to a notice it sent affected users. Additionally, Roku investigated the compromised accounts for any unauthorized charges, and cancelled subscriptions that fraud actors might have ordered.
Check the complete BleepingComputer report about the breach here.
Image credit: Roku
Source: Roku Via: BleepingComputer
MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.