Hackers hijacked over 15,000 Roku accounts to buy subscriptions illicitly

Roku says hackers changed the Roku login information for the affected individual Roku accounts after gaining access
An undated image displaying Roku logo. — Roku

In a surprising turn of events, a group of hackers hijacked over 15,000 Roku accounts to buy subscriptions illicitly. The company advised users to secure their accounts immediately by changing their passwords.

The development came to light when the renowned streaming platform, Roku, notified authorities in California and Maine on Friday about a data breach that affected 15,363 Roku users in the US.

The breach disclosure filed by the company indicates that Roku users were targeted by the hackers from December 28, 2023, to February 21, 2024.

Clarifying the tactics the hackers employed to take control of users' accounts, the disclosure further states that the attackers used login/password combinations that had been publicised in previous breaches at third-party services.

“After gaining access, they then changed the Roku login information for the affected individual Roku accounts, and, in a limited number of cases, attempted to purchase streaming subscriptions,” the company said.

What makes Roku accounts more vulnerable to such threats is the lack of two-factor authentication, and so far there is no indication that the streaming platform intends to use that authentication method on its login system.

Because of the leaked credentials, hackers were able to gain unauthorised access to the impacted Roku accounts, since some users reuse the same login details across multiple websites.
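As an added illustration, not code from the article or from Roku, the following defender-side logic flags the two patterns described above in authentication logs: one source trying leaked username/password pairs against many distinct accounts in a short time, and a successful login followed soon after by a credential change and a subscription purchase. The log events, field names, IP addresses and thresholds are constructed assumptions for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth events, not real Roku logs: (timestamp, source_ip, account, event).
SAMPLE_EVENTS = [
    ("2024-01-05T10:00:01", "203.0.113.7", "alice", "login_fail"),
    ("2024-01-05T10:00:02", "203.0.113.7", "bob", "login_fail"),
    ("2024-01-05T10:00:03", "203.0.113.7", "carol", "login_ok"),
    ("2024-01-05T10:00:04", "203.0.113.7", "dave", "login_fail"),
    ("2024-01-05T10:00:05", "203.0.113.7", "erin", "login_fail"),
    ("2024-01-05T10:00:06", "203.0.113.7", "frank", "login_ok"),
    ("2024-01-05T10:02:00", "203.0.113.7", "carol", "credential_change"),
    ("2024-01-05T10:03:00", "203.0.113.7", "carol", "subscription_purchase"),
    ("2024-01-05T11:00:20", "198.51.100.2", "alice", "login_ok"),  # ordinary user login
]

def stuffing_sources(events, window=timedelta(minutes=10), min_accounts=5):
    # A person logs in to one or two accounts; replaying leaked username/password
    # pairs hits many distinct accounts from one source within a short window.
    by_ip = defaultdict(list)
    for ts, ip, acct, ev in events:
        if ev in ("login_fail", "login_ok"):
            by_ip[ip].append((datetime.fromisoformat(ts), acct))
    flagged = {}
    for ip, attempts in by_ip.items():
        attempts.sort()
        for i, (t0, _) in enumerate(attempts):
            accts = {a for t, a in attempts[i:] if t - t0 <= window}
            if len(accts) >= min_accounts:
                flagged[ip] = len(accts)  # distinct accounts tried in the window
                break
    return flagged

def takeover_sequences(events, window=timedelta(minutes=30)):
    # Successful login followed by a credential change and a subscription purchase
    # within the window: the post-access sequence the Roku notice describes.
    by_acct = defaultdict(list)
    for ts, _, acct, ev in events:
        by_acct[acct].append((datetime.fromisoformat(ts), ev))
    flagged = []
    for acct, evs in sorted(by_acct.items()):
        evs.sort()
        for t in (t for t, e in evs if e == "login_ok"):
            later = {e for t2, e in evs if t < t2 <= t + window}
            if {"credential_change", "subscription_purchase"} <= later:
                flagged.append(acct)
                break
    return flagged
```

On the sample data the first check flags 203.0.113.7 (six accounts in six seconds) and the second flags carol, whose login was followed by a credential change and a purchase; the ordinary login from 198.51.100.2 is not flagged by either.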

According to BleepingComputer, the hackers aimed to sell access to these compromised accounts for as little as $0.50, allowing buyers to make fraudulent purchases, including Roku streaming devices and accessories. 

Roku detected the hijacking in January and took action by identifying the affected accounts, resetting their passwords, and cancelling any unauthorised streaming subscriptions. Additionally, the company provided refunds for any fraudulent purchases.

“Finally, our team continues to actively monitor for signs of suspicious activity, to ensure that all customer information and data is kept secure,” Roku added. No payment card data, birth dates, or Social Security numbers were exposed during the incident.