576,000 Roku accounts compromised in recent security breach

Just weeks after a security hack exposed more than 15,000 Roku accounts, the company said Friday that a second security breach impacted more than 576,000 accounts.

In a statement on its website, the company said it found no evidence that it was the source of the account credentials used in either of the attacks or that Roku's systems were compromised. Instead, the company said, login credentials used in the hacks were likely stolen from another source for which the affected users may have used the same username and password. This type of cyberattack is known as "credential stuffing."

Roku said in fewer than 400 cases, the "malicious actors logged in and made unauthorized purchases of streaming service subscriptions and Roku hardware producing using the payment store in these accounts, but they did not gain access to any sensitive information, including full credit card numbers or other full payment information."

FILE - This Aug. 13, 2020 file photo shows a logo for Roku on a remote control in Portland, Ore. (AP Photo/Jenny Kane) / Credit: Jenny Kane / AP
FILE - This Aug. 13, 2020 file photo shows a logo for Roku on a remote control in Portland, Ore. (AP Photo/Jenny Kane) / Credit: Jenny Kane / AP

The company said it reset the passwords for all affected accounts and notified those customers directly about the incident. It is refunding or reversing charges in the accounts that purchases made by unauthorized actors.

In addition, the company also enabled two-factor authentication for all Roku accounts, even those that have not been impacted by either security incident They said account holders should be aware that the next time they log into the Roku account online, a verification link will be sent to the associated email.

"While the overall number of affected accounts represents a small fraction of Roku's more than 80 (million) active accounts, we are implementing a number of controls and countermeasures to detect and deter future credential stuffing incidents," the company said.

Roku encouraged users to create a "strong, unique password" for their account and also advised them to "remain vigilant," being alert to any "suspicious communications appearing to come from Roku, such as requests to update your payment details, share your username or password, or click on suspicious links."

"We sincerely regret that these incidents occurred and any disruption they may have caused," the company said. "Your account security is a top priority, and we are committed to protecting your Roku account."

This is the second Roku breach in recent months. In March, Roku said hackers accessed more than 15,000 user accounts.

O.J. Simpson dead at 76 after battle with prostate cancer

Scattered Spider I Sunday on 60 Minutes

Dramatic rescue of drowning horse in Florida caught on camera