Roku accounts hacked – is yours one of them?

More than 15,000 Roku accounts have been hacked. Hackers gained access to 15,363 accounts and their associated credit card information, and in some cases tried to buy subscription services, reports BleepingComputer (via The Verge).

The hackers have been selling these account details for as little as $0.50 online.

In what is known as a credential stuffing attack, hackers used information previously exposed in other data breaches to attempt to log in to other websites and services. Once the threat actors gain access to the account, they can change the associated information like passwords and credit card details, effectively locking the genuine account holder out. The hacker is then free to use the credit card linked to the account without the real owner receiving purchase confirmation emails.

Roku allows users to subscribe to other services through their Roku accounts, including Netflix, Disney+ and Paramount+.

Roku says it secured the affected accounts and forced a password reset. It has also taken steps to investigate fraudulent charges and refund account holders.

If you're worried your account was hacked but haven't heard from Roku, head to my.roku.com and reset your password by clicking the 'Forgot password?' link. You should then review past purchases and stored card details on your dashboard to ensure everything is as it should be.

As good practice, you shouldn't use the same password for multiple services.

Roku has hit the headlines lately for forcing users to comply with its new dispute resolution terms, otherwise they can't use their Roku devices.

MORE:

Check out the best streaming services available

And see our Amazon Fire TV 4K Max review

These are the best video streamers you can buy