Approximately 576,000 Roku accounts were affected in the company’s latest data breach.
Roku has suffered a security breach that has left over 500,000 accounts compromised. This comes on the heels of Roku reporting a hack last month that left 15,000 accounts breached. Unfortunately, hacks and data breaches have become the norm for companies, with customers feeling the effects of having their accounts exposed and personal data at risk. It can sometimes lead to large payouts if the company is found to be at fault or taken to court. In Roku’s case, it has chosen to notify affected customers while resetting their passwords and turning on two-factor authentication.
“After concluding our investigation of this first incident, we notified affected customers in early March and continued to monitor account activity closely to protect our customers and their personal information,” Roku said in a blog post. “Through this monitoring we identified a second incident, which impacted approximately 576,000 additional accounts.” Roku states its research indicates the company wasn’t the source of the account credentials being used in the attacks, or that Roku’s systems were compromised in either incident.
“In less than 400 cases, malicious actors logged in and made unauthorized purchases of streaming service subscriptions and Roku hardware products using the payment method stored in these accounts, but they did not gain access to any sensitive information, including full credit card numbers or other full payment information,” the company states.
How Roku is addressing data breach
The steps Roku is taking to address the data breach hack are resetting the passwords of all affected accounts and notifying the customers impacted, refunding or reversing charges that it could determine came from unauthorized actors, and enabling two-factor authentication (2FA) for all Roku accounts, even for those that have not been impacted by these recent incidents.
The next time you attempt to log in to your Roku account online, a verification link will be sent to the email address associated with your account, and you will need to click the link in the email before you can access the account.
Roku also offers tips on creating strong passwords, while also staying vigilant and suspicious of any communications that may appear to come from Roku, and to stay informed by checking your Roku account periodically, looking for communications from Roku, and review account charges.