ROKU – the company behind the popular Fire TV Stick rival – has admitted that more than 15,000 user accounts have been hacked.

Evidence suggests that hackers obtained credit card information from user accounts on two separate occasions and attempted to make fraudulent purchases.

Not only were financial details exposed, but names, emails and passwords too

1

Not only were financial details exposed, but names, emails and passwords tooCredit: Getty

The company says the first breach occurred last year, and a second attack occurred in February.

Roku added that it has refunded customers who were impacted by wrongful purchases.

Once bad actors gained access to the accounts via their leaked login information, hackers locked out the original customers.

According to Roku, many account holders will not have received email confirmation of fraudulent orders made via the account.

READ MORE ON ROKU

This is because the hackers swiftly changed the account information once they had broken inside.

It is encouraged Roku customers check their bank statements for any fishy purchases.

Not only were financial details exposed, but names, emails and passwords too.

How to keep your accounts secure

It is strongly advised that registered Roku users reset their passwords.

If the password that was leaked in the breach is one used for multiple accounts, then customers should also change the passwords on those accounts as well.

Roku says it required registered owners to reset their passwords while they investigated the wrongful activity – so you may have already done this.

However, it’s important to secure your other accounts too.

It’s also advised to set up two-factor authentication (2FA) on all the accounts you can.

Two-factor authentication is becoming increasingly popular – and is available across Google and WhatsApp accounts too.

It involves users need both a password and a passcode that’s texted to them to access accounts, and avoid hacking.

The breaches were documented in a filing made to the attorneys general’s office for Maine and California on March 8.

Most read in Tech

Here, Roku explains that the incidents occurred on December 28, 2023 and February 21, 2024.

In response, Roku says it quickly “secured the accounts from further unauthorised access”. 

The company will continue to keep a watchful eye out for any more “signs of suspicious activity”.

This post first appeared on Thesun.co.uk

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Forget Lord of the Rings: Gollum – the worst big name game of 2023 has just launched

LORD of the Rings: Gollum launched in an unplayable state, filled with…

Gamers urged to make two important ‘ping’ checks to instantly boost Wi-Fi speeds – say goodbye to buffering

GAMERS have been urged not to miss two important checks that ensure…

How American Politics Became a Meme Theater

That would certainly be a change from how politicians originally ended up…

Maps Are Biased Against Animals

Type Serengeti into Google Maps. The screen immediately zooms in on a…