Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Kiplinger
Kiplinger
Business
Joey Solitro

Roku Breach Affects Thousands of Accounts — What To Know

Red hazards sign and the words "data breach" sit on top of a partial computer keyboard.

Roku has been hit by cyber hackers who gained access to 15,363 accounts and took usernames and passwords that customers also used on other websites, the TV streaming platform recently disclosed.

The breach, reported on March 8, occurred between December 28, 2023 and February 21, according to a disclosure notice with the Maine Attorney General's Office

Roku said it has already reset the account passwords of those affected by the cyber attack, but encourages users to also take the following steps:

What to do

Hackers tried to buy subscriptions

The breach is the latest in a long line of cyber attacks on businesses and follows a massive breach at 23andMe last December. The breach at the genetic testing company also involved hacks of accounts in which customers used the same passwords and usernames from other websites.

Experts warn customers to change their passwords often and don't use the same ones across accounts.

In a March 8 letter sent to users, Roku said that it observed suspicious activity "indicating that certain individual Roku accounts may have been accessed by unauthorized actors.” 

After an investigation, Roku found that unauthorized actors likely obtained the usernames and passwords of subscribers from third-party sources, such as data breaches of other services that those subscribers use, and then used those same logins and passwords to gain access to Roku accounts.

“After gaining access, they then changed the Roku login information for the affected individual Roku accounts and, in a limited number of cases, attempted to purchase streaming subscriptions,” Roku said. “However, access to the affected Roku accounts did not provide the unauthorized actors with access to social security numbers, full payment account numbers, dates of birth, or other similar sensitive personal information requiring notification.”

To reset your Roku account, go to my.roku.com and use the “forgot password?” option on the sign-in page.

Roku users with any questions about the incident are encouraged to contact Roku at 1-816-272-8106 or by email at account-help@roku.com.

For more information regarding warning signs of identity theft, how to report identity theft and how to protect yourself, visit USA.gov’s Identity Theft webpage.

RELATED CONTENT

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.