Roku warns 576,000 accounts hacked in new credential stuffing attacks
Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March.
The company said the attackers used login information stolen from other online platforms to breach as many active Roku accounts as possible in credential stuffing attacks.
As BleepingComputer reported in March, threat actors are using credential stuffing attacks with Open Bullet 2 or SilverBullet cracking tools to compromise Roku accounts, which are then sold for as little as 50 cents on illegal marketplaces.
The sellers also provide information on using the stolen accounts to make fraudulent purchases, including Roku streaming boxes, sound bars, light strips, and TVs.
After discovering this second wave of credential stuffing attacks, Roku has reset the passwords for all impacted accounts and is notifying affected customers directly about the incident.
Last month, Roku disclosed another data breach that impacted an additional 15,363 customers, out of a total of over 80 million active users, after their accounts were also used to make fraudulent purchases of streaming subscriptions and Roku hardware.
Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware.