Roku cancels unauthorized subscriptions and provides refunds for 15k breached accounts
Roku said it canceled unauthorized subscriptions and refunded more than 15,000 accounts after discovering what they called “suspicious activity.”
The streaming TV giant — which reported $3.4 billion in revenue last year — said that from the end of December to the end of February, hackers used username and password combinations breached from other services to login to user accounts.
“After gaining access, they then changed the Roku login information for the affected individual Roku accounts, and, in a limited number of cases, attempted to purchase streaming subscriptions,” the company said in breach notification letters.
“However, access to the affected Roku accounts did not provide the unauthorized actors with access to social security numbers, full payment account numbers, dates of birth, or other similar sensitive personal information requiring notification.”
Roku’s security team said that it notified law enforcement but did not wait for the investigation to conclude before taking action. After identifying potentially impacted Roku accounts, the security team forced password resets and investigated the account activity to determine whether the hackers had made any unauthorized charges.
Any charges that were unauthorized were canceled and users were refunded.
The company did not respond to requests for comment about how they were able to distinguish between legitimate charges and ones connected to hacker activity.
Roku added that it was still investigating the campaign to see whether there is more they can do to protect customers.
The company told regulators in Maine that 15,363 were affected and also filed breach notification documents in California.
Experts have long warned that due to thousands of breaches, millions of username and password combinations are available on the internet, allowing hackers to use automated tools to test them on other platforms. Because password reuse is so prevalent, hackers have little trouble breaching accounts on a variety of platforms.
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.