More than half a million Roku accounts compromised in second cybersecurity breach


Recently, Roku has faced significant security challenges, suffering two separate cyberattacks in a short period of time.

The streaming giant confirmed that more than half a million Roku user accounts were compromised through credential-stuffing attacks in the second incident.


What happened: details of events

The first of these incidents was discovered earlier this year when Roku's security systems noticed unusual activity on approximately 15,000 user accounts. The investigation revealed that these breaches were caused by credential stuffing, where attackers used login information stolen from other services to access Roku accounts. Fortunately, Roku confirmed that its systems were not compromised and that the credentials used were obtained from external sources.


The situation worsened with a second, larger-scale incident involving approximately 576,000 accounts. In fewer than 400 of these cases, malicious actors logged in and made unauthorized purchases of streaming service subscriptions and Roku hardware products. However, sensitive user information, including full credit card numbers or other full payment information, remained protected.

Roku has over 80 million active accounts, and the affected accounts represent a small portion of their user base. The company posted a statement on its website saying, “We deeply regret these incidents and any disruption they caused. The security of your account is a top priority, and we are committed to protecting your Roku account.”


Roku's proactive measures

In response to these security breaches, Roku has taken four proactive steps.

1. Password reset: Passwords for all affected accounts have been reset.

2. Direct Notifications: Roku is notifying affected customers directly.

3. Refunds and Reversals: Charges made during the breach are being refunded or reversed.

4. Two-factor authentication: Roku has introduced two-factor authentication (2FA) to provide an additional layer of security for all accounts.


How you can help keep your account secure

Roku emphasizes the importance of user participation in securing accounts. Here are some recommendations:

  • Strong, unique passwords: Users are urged to create strong passwords that are unique to their Roku accounts. You might want to consider using a password manager to create and store your passwords securely.
  • Awareness: Roku advises users to be alert to suspicious communications and to contact customer support if unsure about the authenticity of a request.
  • Stay informed: Users should check their email regularly for communications from Roku and log into their accounts to review charges.

What to do if you have been hacked

If this has already happened, and you have been hacked, you should take immediate action to minimize the damage and secure your device. Here are some steps you can follow.

Change your Roku password

If hackers have recorded your passwords, they can access your online accounts and steal your data or money. On another device (e.g., your laptop or desktop), you should change your passwords for all your important accounts, such as email, banking, and social media. Do this on another device so that the hacker cannot record you setting your new password on your hacked device. You should also use strong and unique passwords that are difficult to guess or crack. You can also use a password manager to create and store your passwords securely.

Enable two-factor authentication

Two-factor authentication helps prevent credential-stuffing attacks by adding an extra layer of security to your Roku account. It works by prompting you to enter a time-sensitive code along with your username and password. This prevents hackers from breaking into your account with stolen passwords alone.


Monitor your accounts and transactions

You should regularly check your online accounts and transactions for any suspicious or unauthorized activity. If you notice anything unusual, immediately report it to the service provider or authorities. You should also review your credit report and score to see if there are any signs of identity theft or fraud.

Use identity theft protection

Identity theft protection companies can monitor personal information like your home title, Social Security number, phone number, and email address and alert you if it is being used to open an account. They can also help you freeze your bank and credit card accounts to prevent further unauthorized use by criminals.

One of the best parts of using an identity theft protection company is that it can include identity theft insurance of up to $1 million to cover losses and legal fees, and a white-glove fraud resolution team in which a US-based case manager helps you recover from any losses.

Contact your bank and credit card companies

If hackers have obtained your bank or credit card information, they can use it to make purchases or withdrawals without your consent. You should inform your bank and credit card companies about the situation. They can help you freeze or cancel your card, dispute any fraudulent charges, and issue new cards for you.

Alert your contacts

If hackers have access to your email or social media accounts, they can use them to send spam or phishing messages to your contacts. They may also impersonate you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to any messages from you that appear suspicious or unusual.


hacker on laptop (Kurt “CyberGuy” Knutsson)


Kurt's highlights

Roku's recent experiences highlight the ongoing challenges digital service providers face in securing user data against increasingly sophisticated cyber threats. By implementing strong security measures and promoting user awareness, Roku aims to provide protection against future incidents. Adopting two-factor authentication is an important step in ensuring that the security of user accounts does not rely solely on passwords.


Copyright 2024 CyberGuy.com. All rights reserved.
