If you’re a Roku user, this is critical news you need to know about. The streaming giant has just disclosed a massive data breach impacting over half a million customer accounts.
On April 12th, Roku announced they identified a cyberattack that allowed hackers to gain unauthorized access to 576,000 user accounts. This comes on top of a separate breach earlier in the year involving 15,000 accounts.
The good news: Roku assures us attackers didn’t steal sensitive information like credit card numbers, the implications are still serious. The company confirmed hackers did make unauthorized purchases on some accounts using stored payment methods.
So what exactly happened? Roku says the attacks leveraged a technique called “credential stuffing.” This involves hackers using login credentials leaked from other data breaches and seeing if they work across different platforms and services.
It’s a harsh reminder that reusing the same passwords across multiple accounts is an incredibly risky practice in today’s world of frequent data breaches. Once the hacker obtains obtains one of your reused passwords, he will accessing the rest of your online accounts. Using unique passwords for every account is highly recommended practice.