Free Republic
Browse · Search
Topics · Post Article

Skip to comments.

Roku hackers breach 15,000 accounts, used data to subscribe to streaming services ^ | March 12, 2024 4:17pm EDT | By Aislinn Murphy

Posted on 03/15/2024 5:47:33 AM PDT by Red Badger

The need for cybersecurity is 'nothing like we've ever seen before': Dan Ives Wedbush Managing Director of Equity Research Dan Ives reflects on the 'golden age for cybersecurity' on 'The Claman Countdown.'

Bad actors may have illegally gotten into thousands of people’s Roku accounts, Roku told the offices of two state attorneys general.

In a data breach notification to the Office of the Maine Attorney General, the video streaming company estimated the number of accounts affected by the breach at over 15,300. It let those customers know about the situation on Friday via a letter.

The "unauthorized actors" changed the login details of the compromised accounts after using usernames and passwords they likely got "from third-party sources" that Roku believed "had been used as login information for such third-party sources as well as certain individual Roku accounts" to get access, Roku said in the customer notification letter.

The company suggested the bad actors got the login combinations "through data breaches of third-party services that are not related to Roku." The information was reportedly sold, or the hackers used stored credit card information to sign up for streaming services attached to the device.

The letter is publicly available on both the Maine and California Attorney General websites.

Roku said sensitive personal information such as Social Security numbers, full payment account numbers and birth dates of the breached account holders were not accessed.

The bad actors did, however, try to use Roku accounts to sign up for paid streaming subscriptions "in a limited number of cases," the company said in the letter.

The company became aware of the incident between Jan. 4 and Feb. 21, according to the data breach notification submitted to Maine. The breach itself happened between Dec. 28 and Feb. 21.

"In response, we took immediate steps to secure these accounts and are notifying affected customers," a Roku spokesperson told FOX Business Tuesday. "Roku is committed to maintaining our customers’ privacy and security, and we take this incident very seriously."

Roku told customers via letter it "secured the accounts from further unauthorized access by requiring the registered account holder to reset the password, we investigated account activity to determine whether the unauthorized actors had incurred any charges and we took steps to cancel unauthorized subscriptions and refund any unauthorized charges."

The company’s security team "continues to actively monitor for signs of suspicious activity, to ensure that all customer information and data is kept secure," according to the letter.

Roku’s total number of active accounts rose to 80 million in the fourth quarter. Those accounts accumulated 29.1 billion hours of streaming in the three-month period and contributed to the 106 billion hours watched by Roku accounts over the course of the entire year, according to the company.

TOPICS: Business/Economy; Crime/Corruption; Government; Technical

1 posted on 03/15/2024 5:47:33 AM PDT by Red Badger
[ Post Reply | Private Reply | View Replies]

To: Red Badger

Happened to me...didn’t notice until I was reviewing charges (which I do not do near enough). Jerks.

2 posted on 03/15/2024 6:06:57 AM PDT by small farm girl
[ Post Reply | Private Reply | To 1 | View Replies]

To: small farm girl

Yes, people need to scan their charges EVERY MONTH. Not just ROKU, but EVERY STREAMING SERVICE.

And your credit cards, as they usually charge them directly...................

3 posted on 03/15/2024 6:10:53 AM PDT by Red Badger (Homeless veterans camp in the streets while illegals are put up in 5 Star hotels....................)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Red Badger

My Roku credit card info is defunct and I never updated it for reasons like this

4 posted on 03/15/2024 6:26:45 AM PDT by NWFree (Sigma male 🤪)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger
I had to look up Roku to see what it was. Glad I am an old fuddyduddy.
5 posted on 03/15/2024 6:38:20 AM PDT by 4yearlurker (Arise and shine,and give God the glory!-A trail cook's morning call.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: 4yearlurker

It’s just one of many streaming services for people to watch movies, sports and etc..................lots of etc.............

6 posted on 03/15/2024 6:39:39 AM PDT by Red Badger (Homeless veterans camp in the streets while illegals are put up in 5 Star hotels....................)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Red Badger

This is Roku’s fault. They do contracts with 3rd parties and then do not enforce adequate security.

Banks do this when they let your Visa/MC card purchases pass thru 3rd party data handlers that operate from our PC/phone to the online store, to the bank, etc. Wherever a 3rd party is involved is a point of insecurity. And, the banks don’t do a damned thing to protect you.

This is common. 3rd parties are typically involved to push risk away. TO YOU.

7 posted on 03/15/2024 9:31:22 AM PDT by bobbo666 (Baizuo, )
[ Post Reply | Private Reply | To 1 | View Replies]

To: AdmSmith; AnonymousConservative; Arthur Wildfire! March; Berosus; Bockscar; BraveMan; cardinal4; ...

8 posted on 03/15/2024 10:25:06 AM PDT by SunkenCiv (Putin should skip ahead to where he kills himself in the bunker.)
[ Post Reply | Private Reply | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794 is powered by software copyright 2000-2008 John Robinson