Roku hit with second major breach of 2024, this time affecting 576,000 users
by Emilia David from The Verge - All Posts on (#6M1K8)
Image: The Verge
Roku says it found another cyberattack on Friday that affected 576,000 users. This is the second breach to affect the company since March.
Roku says the attackers used the login information of account holders, a technique called credential stuffing, to gain access to the streaming service and the payment methods of some users. The hackers were then able to use partial credit card numbers from about 400 cases" to make unauthorized purchases for subscriptions to streaming services and Roku devices. But the company said the hackers did not get sensitive information like full credit card numbers and addresses.
The hackers used a method called credential stuffing, in which malicious actors take stolen usernames and passwords and try these...