In a recent note, Roku announced that hackers accessed over 15,000 accounts by reusing passwords from other breaches and informed affected customers. While Roku’s security wasn’t compromised, it’s a reminder to update your passwords and avoid using the same ones for multiple accounts. (Source: HowtoGeek)
Roku stated that it occurred between December 28, 2023, and February 21, 2024. Hackers gained access to these accounts using login credentials obtained from other services, a technique known as credential stuffing. How many of these accounts were used to make fraudulent purchases is unknown.
The company proactively reset passwords for potentially impacted accounts and identified fraudulent purchases, which they reversed. You might have even received a refund for a fraudulent charge without realizing it. To be safe, it is still recommended that you review your Roku account activity and check your credit card statement for any suspicious transactions.
While the breach didn’t expose sensitive information like birthdays or full credit card details, hackers often try stolen logins on other websites. To protect yourself, avoid reusing passwords and consider a password manager. You can also check if your credentials have been compromised in past breaches with a service like HaveIBeenPwned.
