Roku, the popular streaming platform, recently experienced a second data breach, compromising approximately 576,000 accounts over a six-month span. This comes on the heels of an earlier breach that affected over 15,000 accounts last month. Even though the breaches represent a small fraction of Roku’s more than 80M active accounts, the company is implementing multiple measures to detect and deter similar incidents in the future.
Roku’s Response to the Data Breaches
In response to the data breaches, Roku issued a blog post informing users about the situation and providing key recommendations for account security. The company clarified that the attackers did not gain access to sensitive information like credit card numbers or addresses. Affected users have been notified, and their passwords have been automatically reset by Roku.
In the blog post, Roku stated, “After concluding our investigation of this first incident, we notified affected customers in early March and continued to monitor account activity closely to protect our customers and their personal information. Through this monitoring we identified a second incident, which impacted approximately 576,000 additional accounts. While the overall number of affected accounts represents a small fraction of Roku’s more than 80M active accounts, we are implementing a number of controls and countermeasures to detect and deter future credential stuffing incidents.”
Enable Two-Factor Authentication
Roku is recommending all users to enable two-factor authentication as an additional safeguard, even for those who were not directly impacted by the recent breaches. This feature adds an extra layer of protection to account security, making it more difficult for unauthorized users to gain access.
Third-Party Involvement in The Breach
Roku attributes the breaches to a third party through an act known as “credential stuffing”. The company sincerely regrets any disruptions these incidents may have caused and is committed to securing user data with robust countermeasures.
Wrapping Up
While Roku has experienced a pair of data breaches within a short period of time, the company is proactively addressing the situation. All affected customers have been notified, passwords have been reset, and measures are being put in place to prevent any future breaches.
For more information on digital media, security, and more such updates, stay tuned with HitPlay.
