Roku, a leading provider of streaming services boasting approximately 80 million accounts, has confirmed a second cyber attack occurring in March of this year, potentially affecting around 500,000 of its customers. This incident stands distinct from the earlier attack in January, which impacted over 15,000 customers.
The aftermath of this cyber incident has been reflected in the company’s stock performance, with shares experiencing a 2% decline from their original price last Friday.
Initial investigations suggest that threat actors utilized compromised credentials to make unauthorized purchases of additional streaming services and hardware products. Many affected users had stored their payment details in their accounts, exacerbating the impact. It appears that this latest attack stemmed from a previous breach earlier in the year.
Security experts at Roku have identified the second attack as resulting from unauthorized access via credential stuffing, a technique exploiting the prevalence of users employing the same login credentials across multiple platforms.
Compounding the issue are login practices by prominent service providers like Google, which encourage users to employ identical email IDs and logins across various online services, including gaming and shopping accounts.
Despite the challenges, cybersecurity professionals at Roku express confidence in their ability to mitigate the repercussions of the attack through strategic planning and the implementation of damage control measures.
One recommended measure to enhance security is the adoption of complex passwords, ideally comprising 16-18 characters incorporating a mix of alphanumeric and special characters. Furthermore, avoiding the use of identical passwords across different platforms can provide an additional layer of defense against cyber threats.
As exemplified by the Roku case, it is advisable for users to regularly review their account activity, particularly purchases and subscriptions, as a proactive measure against potential unauthorized access.
