Half a Million Roku Accounts Compromised in Credential Stuffing Attack


April 15, 2024

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Half a Million Roku Accounts Compromised in Credential Stuffing Attack

Following an investigation into unusual activity regarding login attempts using personal information from third-party data breaches, Roku said it has found over half a million additional accounts impacted by this problem.

In March 2023, Roku said hackers managed to access the accounts of 15,363 US residents following credential-stuffing activity that lasted a few months.

Basically, attackers used credentials from other data breaches and tried them on Roku. Since around 30 to 40 percent of users tend to use the same password on multiple accounts, compromising Roku accounts wasn’t difficult.

When the company investigated the initial problem, it found some 576,000 additional accounts were caught in this attack.

“There is no indication that Roku was the source of the account credentials used in these attacks or that Roku’s systems were compromised in either incident,” said the company. “Rather, it is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials.”

The problem is not necessarily that other people accessed the account, although this is a serious issue. It turns out that criminals, in around 400 cases, logged in and made unauthorized purchases of streaming service subscriptions and Roku hardware using the payment method stored in these accounts. The good news is they had no access to credential card information.

Of course, Roku has reset all passwords for the affected accounts and notified the customers. More importantly, the company has enabled two-factor authentication (2FA) for all Roku accounts, even for those the recent incidents didn’t affect.

Need help navigating data breaches?

Use Bitdefender Digital Identity Protection to considerably improve your digital privacy and take action immediately after a breach. Key features include:

  • Comprehensive dashboard where you can get an extensive overview of all your personal data, even traces from services you no longer use
  • 24/7 monitoring of your data on both the public and Dark Web, immediately notifying you of incidents that may involve your information
  • Simple, 1-click action items to instantly shut down any weak spots in your digital footprint




Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.

View all posts

You might also like