ETFOptimize | High-performance ETF-based Investment Strategies

Quantitative strategies, Wall Street-caliber research, and insightful market analysis since 1998.
ETFOptimize | HOME
Close Window
Recent Quotes
My Watchlist
Indicators
Markets
Stocks
ETFs
Tools
Overview
News
Currencies
International
Treasuries

Roku says it experienced second 'credential stuffing' incident

By: FOX Business
Roku said bad actors entered more than half a million Roku accounts without permission in another cyber incident. It disclosed the first 'credential stuffing' incident to users last month.

Bad actors entered more than half a million Roku accounts without permission in another cyber incident.

The video streaming company said Friday the latest "credential stuffing" attack of 576,000 accounts came to light in the midst of its efforts to "monitor account activity closely." Those had been prompted by a prior breach. 

The first incident saw bad actors illegally getting into 15,300 accounts through that tactic. Roku let those users know about that incident in March.

ROKU HACKERS BREACH 15,000 ACCOUNTS, USED DATA TO SUBSCRIBE TO STREAMING SERVICES

Sensitive personal data and full payment information did not get exposed in either incident, according to the company.

"There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident," the company said Friday. "Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials."

The bad actors did take advantage of stored payment information in less than 400 instances, buying streaming service subscriptions and hardware. Such accounts will get refunds, the streaming company said.

Roku said account security was a "top priority" for the company.

COMCAST SAYS XFINITY CYBERSECURITY INCIDENT MAY HAVE COMPROMISED CUSTOMER DATA

It is "implementing a number of controls and countermeasures to detect and deter future credential stuffing incidents." Those efforts included password resets for impacted users and two-factor authentication for every customer that uses its service, according to Roku.

The pair of breaches hit a "small fraction" of its total users, it said. In the fourth quarter, it reported 80 million active accounts collectively responsible for 29.1 billion streaming hours.

Other companies have faced credential stuffing incidents in recent months. For example, DNA-testing company 23andMe attributed an October breach to the tactic.

RISK OF CYBER INCIDENTS WEIGH HEAVILY ON BUSINESSES FOR 2024, REPORT FINDS

In January, an Allianz Commercial report identified cyber incidents as 2024’s "top business risk." Of the over 3,000 customer businesses, industry trade organizations risk management professionals and others that participated in the survey, over one-third said cyber incidents of various kinds were the risk weighing on them the most.

Related Stocks:
Roku Inc
Data & News supplied by www.cloudquote.io
Stock quotes supplied by Barchart
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms and Conditions.


 
IntelligentValue Home
Close Window

DISCLAIMER

All content herein is issued solely for informational purposes and is not to be construed as an offer to sell or the solicitation of an offer to buy, nor should it be interpreted as a recommendation to buy, hold or sell (short or otherwise) any security.  All opinions, analyses, and information included herein are based on sources believed to be reliable, but no representation or warranty of any kind, expressed or implied, is made including but not limited to any representation or warranty concerning accuracy, completeness, correctness, timeliness or appropriateness. We undertake no obligation to update such opinions, analysis or information. You should independently verify all information contained on this website. Some information is based on analysis of past performance or hypothetical performance results, which have inherent limitations. We make no representation that any particular equity or strategy will or is likely to achieve profits or losses similar to those shown. Shareholders, employees, writers, contractors, and affiliates associated with ETFOptimize.com may have ownership positions in the securities that are mentioned. If you are not sure if ETFs, algorithmic investing, or a particular investment is right for you, you are urged to consult with a Registered Investment Advisor (RIA). Neither this website nor anyone associated with producing its content are Registered Investment Advisors, and no attempt is made herein to substitute for personalized, professional investment advice. Neither ETFOptimize.com, Global Alpha Investments, Inc., nor its employees, service providers, associates, or affiliates are responsible for any investment losses you may incur as a result of using the information provided herein. Remember that past investment returns may not be indicative of future returns.

Copyright © 1998-2017 ETFOptimize.com, a publication of Optimized Investments, Inc. All rights reserved.