Roku has disclosed a breach that allowed hackers to gain access to 15,363 accounts and stored credit card information, as first reported by Bleeping Computer. In a notice sent to customers, Roku says hackers obtained login information and tried to purchase streaming subscriptions in a “limited number” of instances.

Hackers likely obtained account information exposed in previous data breaches of third-party services, Roku says. This kind of attack, called credential stuffing, involves hackers getting the emails and passwords exposed in data breaches and trying the combination on other services. Once they gained access to an account, Roku hackers changed the login information for some accounts, allowing them to gain full control.

If the…

Continue reading…

By