Credential Stuffing Attack Hits Roku, Impacts 500K+ User Accounts

Estimated read time 1 min read

If you’re a Roku user, this is critical news you need to know about. The streaming giant has just disclosed a massive data breach impacting over half a million customer accounts.

On April 12th, Roku announced they identified a cyberattack that allowed hackers to gain unauthorized access to 576,000 user accounts. This comes on top of a separate breach earlier in the year involving 15,000 accounts.

The good news: Roku assures us attackers didn’t steal sensitive information like credit card numbers, the implications are still serious. The company confirmed hackers did make unauthorized purchases on some accounts using stored payment methods.

So what exactly happened? Roku says the attacks leveraged a technique called “credential stuffing.” This involves hackers using login credentials leaked from other data breaches and seeing if they work across different platforms and services.

It’s a harsh reminder that reusing the same passwords across multiple accounts is an incredibly risky practice in today’s world of frequent data breaches. Once the hacker obtains obtains one of your reused passwords, he will accessing the rest of your online accounts. Using unique passwords for every account is highly recommended practice.

Sying Tien

IT professional, Social media scholar and a Crypto expert. If you have any comments, suggestions or questions feel free to contact me at and i will get back to you shortly.

You May Also Like

More From Author