Roku, a digital media and streaming content company, recently experienced a data breach affecting over 15,000 of their customers. The breach occurred due to a credential stuffing attack, where threat actors used previously exposed credentials to gain unauthorized access to Roku accounts. Once inside, the attackers altered account details, including passwords, email addresses, and shipping addresses, effectively locking out the legitimate users. This allowed the attackers to make fraudulent purchases using the stored credit card information.
The compromised accounts were then sold on stolen account marketplaces for as little as $0.50 each. Purchasers of these accounts would hijack them with their own information and use the stored credit cards to buy Roku products like cameras, remotes, soundbars, and streaming boxes.
In response to the incident, Roku secured the impacted accounts, forced password resets, and initiated investigations into unauthorized charges. The company took steps to cancel the fraudulent subscriptions and issue refunds to the affected account holders. Roku advised customers to reset their passwords and review their account activity, connected devices, and active subscriptions for discrepancies.
Despite the breach, Roku does not support two-factor authentication, which could have prevented the account hijacking even if credentials were compromised. This incident highlights the importance of robust security measures and the potential risks associated with storing credit card information in online accounts.
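The sequence described above (a login, then changes to the password, email and shipping address, then a purchase) is something a service can flag from its own account event log. The following is an added example, not code from Roku or the original article; the event schema, action names and thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events; the (time, account, ip, action) schema and the
# action names are assumptions for this example, not Roku's log format.
EVENTS = [
    ("2024-03-01T09:00:00", "alice", "198.51.100.4", "login_ok"),
    ("2024-03-01T09:05:00", "alice", "198.51.100.4", "purchase"),
    ("2024-03-02T02:00:01", "bob",   "203.0.113.7",  "login_fail"),
    ("2024-03-02T02:00:02", "carol", "203.0.113.7",  "login_fail"),
    ("2024-03-02T02:00:03", "dave",  "203.0.113.7",  "login_fail"),
    ("2024-03-02T02:00:04", "alice", "203.0.113.7",  "login_ok"),
    ("2024-03-02T02:01:00", "alice", "203.0.113.7",  "password_change"),
    ("2024-03-02T02:01:30", "alice", "203.0.113.7",  "email_change"),
    ("2024-03-02T02:02:00", "alice", "203.0.113.7",  "shipping_change"),
    ("2024-03-02T02:10:00", "alice", "203.0.113.7",  "purchase"),
]
LOCKOUT = {"password_change", "email_change", "shipping_change"}

def stuffing_sources(events, min_accounts=3):
    """IPs whose failed logins span at least min_accounts distinct accounts."""
    targets = defaultdict(set)
    for _, account, ip, action in events:
        if action == "login_fail":
            targets[ip].add(account)
    return {ip for ip, accts in targets.items() if len(accts) >= min_accounts}

def find_takeovers(events, window=timedelta(minutes=30), min_changes=2):
    """Accounts where a login from a new IP is followed, within window, by
    min_changes distinct lockout changes and then a purchase."""
    known_ips = defaultdict(set)   # account -> IPs seen on earlier logins
    session = {}                   # account -> (login time, ip, changes so far)
    flagged = []
    for ts, account, ip, action in sorted(events):
        t = datetime.fromisoformat(ts)
        if action == "login_ok":
            # Only a login from an IP this account has not used opens a watch.
            if known_ips[account] and ip not in known_ips[account]:
                session[account] = (t, ip, set())
            known_ips[account].add(ip)
            continue
        start, sip, changes = session.get(account, (None, None, None))
        if start is None or ip != sip or t - start > window:
            continue
        if action in LOCKOUT:
            changes.add(action)
        elif action == "purchase" and len(changes) >= min_changes:
            flagged.append((account, ip, sorted(changes)))
            del session[account]
    return flagged
```

An account's very first login is never flagged here because there is no earlier IP to compare against; a production rule would use a richer baseline (device, geography) than source IP alone.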