Over 500,000 Roku Streaming Accounts Hacked—Urgent Call for Unique Passwords

SafeWise experts have years of firsthand experience testing the products we recommend. Learn how we test and review

Bell
Need to Know from SafeWise
  • Over half a million Roku accounts were compromised in a a hacking attack.
  • Around 400 accounts confirmed unauthorized purchases as a result.
  • Reused passwords are a major culprit in attacks like this one.
  • Get all the details in my latest video.
Apr 30, 2022: Exterior view of the Roku headquarters in San Jose, California. Roku is a streaming platform that connects the entire TV ecosystem.

Image: hapabapa, iStock

Over the weekend, we saw a perfect example of why you need unique passwords for everything.

Roku smart TVs and streaming are in the homes of 80 million active users. But over the weekend, an unlucky 576,000 were targeted by the cyberattack. While Roku says that fewer than 400 of these accounts were used to make unauthorized purchases, it's theorized that the attack used a method called "credential stuffing."

How the attack happened

The attack, which began on Friday with approximately 15,000 accounts compromised, escalated over the weekend, affecting over 575,000 users. Roku suspects this assault employed "credential stuffing," where hackers utilize stolen credentials from one source and attempt to use them across multiple accounts.

Although Roku has confirmed that fewer than 400 compromised accounts were utilized to make unauthorized purchases, the company asserts that sensitive information, such as full credit card numbers, remained inaccessible to the attackers. In response to the breach, Roku has taken decisive action by refunding affected customers for any unauthorized transactions and implementing two-factor authentication (2FA) for all Roku accounts.

Roku reminds users to make strong, unique passwords

A spokesperson for Roku emphasized the importance of maintaining strong and unique passwords for online accounts. They stated, "Earlier this year, Roku's security monitoring systems detected an increase in unusual account activity. After a thorough investigation, we determined that unauthorized actors had accessed about 15,000 Roku user accounts using login credentials (i.e., usernames and passwords) stolen from another source unrelated to Roku through a method known as 'credential stuffing.'"

Roku advises users to remain vigilant and to monitor their accounts for any suspicious activity or unauthorized purchases. In case of doubt, users are encouraged to reach out to Roku customer support for assistance.

Additionally, users are urged to be cautious of emails, news, or correspondence that may appear to be from Roku, as cybercriminals often use phishing tactics to deceive unsuspecting individuals.

Katie McEntire
Written by
Katie McEntire
As a renter, pet-owner, and woman living alone, Katie McEntire takes safety seriously. She’s tested devices like pet cameras, home security systems, and GPS trackers in her own home and devices in the name of safety. In addition to testing, writing, and reviewing for SafeWise, she also makes videos for the site’s YouTube channel. She’s been featured on publications like TechGuySmartBuy, Forbes, Healthy Moms, and Digital Care. Katie has a Bachelor’s degree in Technical Writing from Austin Peay State University in Clarksville, Tennessee. She’s held previous writing positions at Overstock.com and Top Ten Reviews.

Recent Articles

woman adjusting thermostat in bright home
The Best Home Security Systems of 2024
After thousands of hours of tests and research, we picked Vivint and SimpliSafe as the...
Man and woman couple wife husband set up surveillance security camera
Best Apartment Security Systems
These renter-friendly apartment security systems help keep you safe and require less commitment than your...
diy-security-system-on-ipad
Best DIY Home Security Systems of 2024
SimpliSafe is the best DIY home security system because it's cost-efficient, effective, and easy to...
happy older women sitting together
Best Medical Alert Necklaces
If you find yourself in an emergency, a medical alert necklace can contact trained professionals...