A look into Roku cyber attacks
On April 12, 2024, Roku published an article on its website announcing that it had been the victim of a cybersecurity attack. The attack took place earlier in 2024 and used “credential stuffing”. To use Roku’s own definition, “Credential stuffing is a type of automated cyberattack where fraudsters use stolen usernames and passwords from one platform and attempt to log in to accounts on other platforms. This method exploits the practice of individuals reusing the same login credentials across multiple services” (Roku). Basically, hackers copy credentials that are used on Roku’s accounts and try them out on different services. Around 576,000 accounts were compromised, by Roku's own admission.
This is only the second attack Roku has suffered this year; an earlier attack compromised 15,000 accounts, again by its own admission. Scripps News reported that around 400 accounts in the most recent attack led to payment methods being exploited. It also reported that criminals who had access to compromised accounts were "...selling stolen account data for as little as $0.50 on a hacking marketplace, giving buyers access to the stored financial data on each profile." (Scripps News) Roku's stock fell by around 3% after the attack was revealed to the public.
The Roku blog post cited here comes straight from the attacked party, and reads as an admission and a warning to its customers. Roku admits that its security was compromised and urges consumers to change their passwords and strengthen their security. The post does not have a dedicated author; it is credited only to Roku Staff. It was written this month (April 2024). Despite this, Roku tries to downplay the impact by claiming that the more than 500,000 compromised accounts were minimal compared to its total of 80 million accounts.
The Scripps News piece is a news article reporting on the attack. It reveals that Roku is facing only its second cybersecurity attack this year, within a four-month period. It reveals that accounts are being sold for mere cents online, citing another source, and reports that Roku's stock fell after the attack. The article was written by Alex Arger and was published three days after Roku's initial blog post.
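To make the credential stuffing definition quoted above concrete from a defender's side, the following added example (not code from Roku or from either cited article) flags login sources that try many different accounts only once or twice each, and lists the accounts those sources got into so their passwords can be reset. The event layout, the thresholds and the sample data are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

def detect_stuffing(events, window=timedelta(minutes=5),
                    min_users=20, max_tries_per_user=2.0):
    """events: (timestamp, source_ip, username, succeeded) tuples.
    Returns {source_ip: usernames that logged in successfully} for sources
    that hit many accounts with few guesses each inside one window."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in sorted(events):
        by_ip[ip].append((ts, user, ok))
    flagged = {}
    for ip, evs in by_ip.items():
        in_window, start = Counter(), 0
        for ts, user, _ in evs:
            in_window[user] += 1
            # Drop attempts that have aged out of the sliding window.
            while ts - evs[start][0] > window:
                old = evs[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            tries_per_user = sum(in_window.values()) / len(in_window)
            # Many accounts, few tries each: reused credentials, not guessing.
            if len(in_window) >= min_users and tries_per_user <= max_tries_per_user:
                flagged[ip] = sorted({u for _, u, ok in evs if ok})
                break
    return flagged

def sample_events():
    """Constructed login events; IPs are from documentation ranges."""
    t0, ev = datetime(2024, 1, 1, 12, 0, 0), []
    # Stuffing: 30 accounts, one attempt each; user07 reused a leaked password.
    for i in range(30):
        ev.append((t0 + timedelta(seconds=2 * i), "203.0.113.7", f"user{i:02d}", i == 7))
    # Brute force: 40 guesses against a single account (not stuffing).
    for i in range(40):
        ev.append((t0 + timedelta(seconds=i), "192.0.2.9", "alice", False))
    # Ordinary user: two typos, then a successful login.
    for i, ok in enumerate([False, False, True]):
        ev.append((t0 + timedelta(seconds=10 * i), "198.51.100.4", "bob", ok))
    return ev

if __name__ == "__main__":
    for ip, accounts in detect_stuffing(sample_events()).items():
        print(ip, "-> force password reset for:", accounts)
```

Grouping by source IP is a simplification; the same counting can be keyed on other request attributes when attempts are spread across many addresses.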