Security News > 2024 > March > Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware

Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware
2024-03-11 17:49

Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions.

On Friday, Roku first disclosed the data breach, warning that 15,363 customer accounts were hacked in a credential stuffing attack.

"After gaining access, they then changed the Roku login information for the affected individual Roku accounts, and, in a limited number of cases, attempted to purchase streaming subscriptions."

To generate revenue, Roku also allows customers to purchase streaming subscriptions directly through their Roku account.

Successfully hacked accounts are then sold on stolen account marketplaces for as little as 50 cents, as seen below where 439 accounts are being sold.

A source told BleepingComputer that the new Dispute Resolution Terms are in part related to the ongoing credential stuffing attacks and financial fraud being conducted through the hacked accounts.


News URL

https://www.bleepingcomputer.com/news/security/over-15-000-hacked-roku-accounts-sold-for-50-each-to-buy-hardware/