Roku has disclosed a second data breach in as many months. While it was looking into a previous incident in which 15,000 accounts were affected, the company learned that another 576,000 accounts had been compromised.
In both incidents, Roku believes that the attackers used a method called credential stuffing. “It is likely that login credentials used in these attacks were taken from another source, like another online account, where the affected users may have used the same credentials,” the company says.
Roku added that, in fewer than 400 cases, attackers used victims’ Roku
→ Continue reading at Engadget
