Roku hackers breach 15,000 accounts and are selling them online

Roku hackers breach 15,000 accounts and are selling them online

by

Hackers likely obtained account information exposed in previous data breaches of third-party services, Roku says. This kind of attack, called credential stuffing, involves hackers getting the emails and passwords exposed in data breaches and trying the combination on other services. Once they gained access to an account, Roku hackers changed the login information for some accounts, allowing them to gain full control.

If the account had stored credit card info, hackers could also purchase subscriptions within Roku for services such as Netflix, Max, Paramount Plus, Hulu, Peacock, Disney Plus, and others. Bleeping Computer also found that hackers are selling the stolen information for around 50 cents per account on a hacking marketplace.

One saving grace is that the Roku accounts didn’t reveal social security numbers, full payment account numbers, or dates of birth. Roku says it has since “secured the accounts from further unauthorized access” by asking affected users to reset their passwords. It’s also working to cancel and refund unauthorized purchases. Even if you weren’t affected by this data breach, it still might be worth checking HaveIBeenPwned to see if any of your credentials have been exposed recently. It also couldn’t hurt to change your Roku password.

Source link

Denial of responsibility! NewsConcerns is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a Comment