Roku confirms over half a million accounts hacked in second credential stuffing incident | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

What you need to know

  • Approximately 576,000 Roku accounts were accessed through a credential stuffing attack, the company confirmed in an April 12 statement.
  • The latest attack comes a month after about 15,000 Roku accounts were breached through the same method of attack. 
  • While the hackers couldn’t access “sensitive user information or full credit card information,” they successfully made purchases within Roku using fewer than 400 breached accounts. 

Roku suffered a limited security incident last month that left roughly 15,000 user accounts vulnerable, and now, another 576,000 have been impacted by a second attack. The company announced that over half a million accounts were fraudulently accessed through credential stuffing in an April 12 statement. While hackers were unable to access sensitive information, they were able to make purchases using a very limited number of Roku accounts. 

Credential stuffing is a method of attack in which hackers use previously leaked login credentials on popular sites. That’s why cybersecurity experts warn against using the same password on two different websites. If the password to one account is leaked in a hack, bad actors can try to use that same username and password combination to log in to another. Roku says that since this was a credential-stuffing attack, it was not the source of the login credentials used to breach the 576,000 accounts.

{n.callMethod? n.callMethod.apply(n,arguments):n.queue.push(arguments)}
fbq(‘init’, ‘1765793593738454’);
fbq(‘track’, ‘PageView’);


Click Here For The Original Story From This Source.


National Cyber Security