Roku Has More than 15,000 User Accounts Hacked, Stolen Data Sold for 50 Cents Per Customer on the Dark Web
'Credential stuffing' attack mines customers credit card data used to make in-app purchases
Hackers have stolen personal data, including credit-card authentication credentials, of 15,363 Roku users, with individual user account data selling for just 50 cents each on the Dark Web.
Some Roku users were locked out of their accounts, with data thieves coopting them to make nefarious in-app purchases.
Roku began to notify affected customers on Friday via email with this message.
The streaming company also released this statement to Next TV: “Roku’s security team recently detected suspicious activity that indicated a limited number of Roku accounts were accessed by unauthorized actors using login credentials obtained from third-party sources (e.g., through data breaches of third-party services that are not related to Roku). In response, we took immediate steps to secure these accounts and are notifying affected customers. Roku is committed to maintaining our customers’ privacy and security, and we take this incident very seriously.”
Bleeping Computer was first to report the data breach on Monday.
The data breach, which occurred "earlier this year," according to Roku, stemmed from what's described as a "credential stuffing" attack, whereby hackers steal usernames and passwords from, say, Roku, then try them out in a range of other services.
Fortunately, Roku's data doesn't include social security numbers, full payment account numbers, or dates of birth.
NEXT TV NEWSLETTER
The smarter way to stay on top of the streaming and OTT industry. Sign up below.
Daniel Frankel is the managing editor of Next TV, an internet publishing vertical focused on the business of video streaming. A Los Angeles-based writer and editor who has covered the media and technology industries for more than two decades, Daniel has worked on staff for publications including E! Online, Electronic Media, Mediaweek, Variety, paidContent and GigaOm. You can start living a healthier life with greater wealth and prosperity by following Daniel on Twitter today!