Roku said Friday that more Roku customers are affected by its second data breach. The streaming brand disclosed a breach affecting 576,000 user accounts. This follows another incident involving his 15,000 accounts that was recently discovered.
In response to the new breach, Roku has enabled two-factor authentication for all Roku accounts, according to a blog post. The company said it has notified affected users and has already reset their passwords.
Roku said that in both breaches, the login credentials used in the attacks were likely obtained from external sources, such as web accounts where users used the same credentials. The company said there was “no indication” that its systems had been compromised.
However, a small number of customers were affected by fraudulent transactions. Roku says, “In less than 400 cases, malicious attackers logged in and fraudulently purchased streaming service subscriptions or Roku hardware products using payment methods stored in those accounts. “However, we did not have access to confidential information, including complete information.” Credit card number or other complete payment information. ” The company is reversing or refunding fraudulent charges.
Roku has more than 80 million active accounts and offers streaming media players, smart TVs, and a streaming platform that gives customers access to apps like Netflix and Disney Plus. As part of the new two-factor authentication, users will be required to click a confirmation link sent to their email the next time they attempt to log into their Roku account. The company is reminding users to use strong, unique passwords and to be wary of suspicious communications claiming to be from Roku. (Learn more about how to keep your password secure.)