Technology
Over half a million Roku accounts compromised in second cybersecurity breach
Recently, Roku has faced significant security challenges, with two separate cyberattacks occurring within a short span.
The streaming giant confirmed that over half million Roku user accounts were compromised through credential-stuffing attacks in a second incident.
Man using a Roku remote (Roku)
What happened: A breakdown of the incidents
The first of these incidents was detected earlier this year when Roku’s security systems noticed unusual activity in about 15,000 user accounts. Investigations revealed that these breaches were due to credential stuffing, where attackers used login information stolen from other services to access Roku accounts. Fortunately, Roku confirmed that there was no compromise of their systems and the credentials used were obtained from external sources.
CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS AND EASY HOW-TO’S TO MAKE YOU SMARTER
The situation escalated with a second, larger-scale incident involving approximately 576,000 accounts. In fewer than 400 of these cases, malicious actors logged in and unauthorized purchases of streaming service subscriptions and Roku hardware products were made. However, sensitive user information, including full credit card numbers or other full payment information, remained secure.
Roku has over 80 million active accounts, and the affected accounts represent a small fraction of their user base. The company posted a statement on its website, saying, “We sincerely regret that these incidents occurred and any disruption they may have caused. Your account security is a top priority, and we are committed to protecting your Roku account.”
MORE: HOW TO FIND OUT WHO’S SPYING ON YOU
Roku’s proactive measures
In response to these security breaches, Roku has taken four proactive steps.
1. Password Resets: All affected accounts have had their passwords reset.
2. Direct Notifications: Roku has been notifying affected customers directly.
3. Refunds and Reversals: Charges made during the breach are being refunded or reversed.
4. Two-Factor Authentication: Roku has rolled out two-factor authentication (2FA) for all accounts to provide an additional layer of security.
NATIONWIDE ALERT: SMS PHISHING ATTACKS TARGET TOLL ROAD CUSTOMERS
MORE: HOW TO PROTECT YOURSELF FROM STREAMING HACKS
How you can help protect your account
Roku emphasizes the importance of user participation in securing accounts. Here are a few recommendations:
- Strong, Unique Passwords: Users are urged to create robust passwords that are unique to their Roku accounts. You might want to consider using a password manager to generate and store your passwords securely.
- Vigilance: Roku advises users to be vigilant against suspicious communications and to contact customer support if unsure about the authenticity of a request.
- Stay Informed: Users should regularly check their emails for communications from Roku and log into their accounts to review charges.
What to do if you’ve been hacked
If it has already happened, and you’ve been hacked, then you should take immediate action to minimize the damage and secure your device. Here are some steps that you can follow.
Change your Roku passwords
If hackers have recorded your passwords, they could access your online accounts and steal your data or money. ON ANOTHER DEVICE (i.e., your laptop or desktop), you should change your passwords for all your important accounts, such as email, banking, social media, etc. You want to do this on another device so the hacker isn’t’ recording you setting up your new password on your hacked device. And you should also use strong and unique passwords that are hard to guess or crack. You can also use a password manager to generate and store your passwords securely.
Enable two-factor authentication: Two-factor authentication prevents credential-stuffing attacks by adding an additional layer of security to your Roku account. It works by prompting you to enter a time-sensitive code along with your username and password. This prevents hackers from breaking into your account with just a stolen password.
Monitor your accounts and transactions
You should check your online accounts and transactions regularly for any suspicious or unauthorized activity. If you notice anything unusual, report it to the service provider or authorities immediately. You should also review your credit reports and scores to see if there are any signs of identity theft or fraud.
Use identity theft protection
Identity Theft protection companies can monitor personal information like your home title, Social Security Number, phone number and email address and alert you if it is being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
One of the best parts of using an identity theft protection company is that it could include identity theft insurance of up to $1 million to cover losses and legal fees and a white-glove fraud resolution team where a U.S.-based case manager helps you recover any losses. See my tips and best picks on how to protect yourself from identity theft.
Contact your bank and credit card companies
If hackers have obtained your bank or credit card information, they could use it to make purchases or withdrawals without your consent. You should inform your bank and credit card companies of the situation. They can help you freeze or cancel your cards, dispute any fraudulent charges and issue new cards for you.
Alert your contacts
If hackers have accessed your email or social media accounts, they could use them to send spam or phishing messages to your contacts. They could also impersonate you and ask for money or personal information. You should alert your contacts and warn them not to open or respond to any messages from you that seem suspicious or unusual.
Hacker on a laptop (Kurt “CyberGuy” Knutsson)
MORE: HACKERS USE PIRATED SOFTWARE TO HIJACK MAC, ANDROID AND WINDOWS DEVICES
Kurt’s key takeaways
Roku’s recent experiences highlight digital service providers’ ongoing challenges in securing user data against increasingly sophisticated cyberthreats. By implementing stronger security measures and fostering user awareness, Roku aims to safeguard against future incidents. The adoption of two-factor authentication is a significant step forward, ensuring that the security of user accounts is not solely dependent on passwords.
How has the recent surge in cyberattacks affected your trust in digital platforms, and what actions should companies take to regain your confidence? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips & security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Answers to the most asked CyberGuy questions:
Copyright 2024 CyberGuy.com. All rights reserved.
When Oregon resident Isabelle Reksopuro heard Google was gobbling up public land to fuel its data centers in her home state, she didn’t initially know what to believe. “There’s a lot of misinformation about data centers,” she said. “Google has denied taking that land.”
Technically, she explains, The Dalles, a city near the Washington state border, sought to reclaim that land, “and Google is just a big, unnamed power user.” The city had in fact asked for ownership of a 150-acre portion of Mount Hood National Forest, claiming it needs access to Mount Hood’s watershed to meet municipal needs as its population — 16,010 as of the 2020 census — grows. But critics, including environmentalists, say the city is trying to secure more water for Google, which has a sprawling data center campus in The Dalles that already consumes about one-third of the city’s water supply.
This controversy made Reksopuro curious about the backlash to data centers being built in other communities. So Reksopuro, a student at the University of Washington who studies the connections between tech and public policy, decided to map it out. Using information collected by Epoch AI and data scraped from legislation on data centers, she built an interactive map tracking AI policy around the world. She designed it to be simple enough for anyone to use. “I wanted it to be something that my younger sisters could play through and explore to understand what are the data centers in the area and what’s actually being done about it,” Reksopuro said. She hoped to shift their opinions that way, “instead of like, through TikTok.”
Four times a day, the map searches for new sources and checks them against the existing database Reksopuro built out. “Once it does that, it will write a new summary, add it to the news feed, and populate it on the sidebar,” she said. “I wanted it to be self-updating, since I’m also a student.”
Reksopuro isn’t against data centers, but she thinks tech giants benefit from a lack of transparency around data center policies. “Right now, it’s this really opaque thing — and all of a sudden, there’s a facility,” she said. “I think that if people knew about data centers beforehand, it would give them leverage. They would be able to negotiate: ask for job training programs, tax revenue, environmental monitoring, things to improve their community.”
UCF commencement speaker Gloria Caulfield (University of Central Florida via Storyful)
NEWYou can now listen to Fox News articles!
Welcome to Fox News’ Artificial Intelligence newsletter with the latest AI technology advancements.
IN TODAY’S NEWSLETTER:
– UCF graduates clobber commencement speaker with boos after she says AI is the ‘next Industrial Revolution’
– OPINION: DIRECTOR KASH PATEL: We brought the FBI out of the past and into the AI age
– OpenAI backs creation of global AI governance body led by the U.S. that would include China as a member
TOUGH CROWD: During a recent commencement ceremony at the University of Central Florida, a speaker was met with loud boos from the graduating class after declaring that artificial intelligence represents the next industrial revolution. Fox News Digital reporting captures this tense cultural moment, illustrating the mixed public sentiment and skepticism surrounding AI’s growing footprint in daily life.
A statue on the campus of the University of Central Florida in Orlando, Florida. (iStock)
BADGE MEETS BYTE: Reflecting on the modernization of national security in a Fox News op-ed, FBI Director Kash Patel explores how the bureau must adapt its strategies to address modern threats and advance beyond the artificial intelligence age.
TECH DIPLOMACY: OpenAI is throwing its support behind the establishment of a new global artificial intelligence governance organization that would be led by the United States while notably including China as a member. Fox News Digital reporting examines the geopolitical dynamics and regulatory implications of this proposed framework as global powers race to set the standards for AI development.
EQUITY ELEVATION: The massive wave of wealth generated by the explosive growth of ChatGPT and the broader AI industry is driving a sudden surge in the San Francisco Bay Area’s luxury real estate market. Fox News Digital reporting breaks down how the influx of new tech capital is reshaping local housing dynamics and fueling a high-end property frenzy.
FBI Director Kash Patel listened as Acting Attorney General Todd Blanche spoke during a press conference at the Department of Justice on April 28, 2026, in Washington, D.C. (Tasos Katopodis/Getty Images)
STRATEGY RESET: Tech giant Cisco is planning to eliminate thousands of jobs as the company shifts its primary focus to accelerate its artificial intelligence initiatives, a move that comes despite the company beating earnings expectations. Fox News Digital reporting details the corporate restructuring and broader economic trends pushing legacy tech firms to aggressively pivot toward AI.
ROAD HAZARD: Waymo is issuing a sweeping recall of its autonomous vehicle fleet following a concerning incident that highlighted significant safety issues with the self-driving technology. Fox News Digital reporting outlines the specifics of the recall, the nature of the safety flaw, and what this setback means for the future of fully autonomous transportation on public roads.
BOTS IN THE BAY: A newly developed, artificial intelligence-powered robot has been engineered to seamlessly change and balance vehicle tires without human intervention. Fox News Digital reporting showcases this latest innovation, exploring how automation and AI mechanics could soon revolutionize the automotive service and repair industry.
OpenAI CEO Sam Altman speaks during the 2026 Infrastructure Summit in Washington, D.C., on March 11, 2026. (Kylie Cooper/Reuters)
FOLLOW FOX NEWS ON SOCIAL MEDIA
YouTube
SIGN UP FOR OUR OTHER NEWSLETTERS
Fox News First
Fox News Opinion
Fox News Lifestyle
Fox News Health
DOWNLOAD OUR APPS
Fox News
FOX Business
Fox Weather
Fox Sports
Tubi
WATCH FOX NEWS ONLINE
Fox News Go
STREAM FOX NATION
Fox Nation
Stay up to date on the latest AI technology advancements and learn about the challenges and opportunities AI presents now and for the future with Fox News here.
Microsoft Edge is adding a new feature that will allow its Copilot AI chatbot to gather information from all of your open tabs. When you start a conversation with Copilot, you can ask the chatbot questions about what’s in your tabs, compare the products you’re looking at, summarize your open articles, and more.
In its announcement, Microsoft says you can “select which experiences you want or leave off the ones you don’t.” The company is retiring Copilot Mode as well, which could similarly draw information from your tabs but offered some agentic features, like the ability to book a reservation on your behalf. Microsoft has since folded these agentic capabilities into its “Browse with Copilot” tool.
Several other AI features are coming to Edge, including an AI-powered “Study and Learn” mode that can turn the article you’re looking at into a study session or interactive quiz. There’s a new tool that turns your tabs into AI-powered podcasts as well, similar to what you’d find on NotebookLM, and an AI writing assistant that will pop up when you start entering text on a webpage.
You can also give Copilot permission to access your browsing history to provide more “relevant, high-quality answers,” according to Microsoft. Copilot in Edge on desktop and mobile will come with “long-term memory” as well, which can tailor its responses based on your previous conversations. And, when you open up a new tab, you’ll see a redesigned page that combines chat, search, and web navigation, along with the Journeys feature, which uses AI to organize your browsing history into categories that you can revisit.
Meanwhile, an update to Edge’s mobile app will allow you to share your screen with Copilot and talk through the questions about what you’re seeing. Microsoft says you’ll see “clear visual cues” when Copilot is active, “so you know when it’s taking an action, helping, listening, or viewing.”
-
Kentucky1 minute agoFormer Kentucky FOP spokesperson pleads guilty to wire fraud
-
Louisiana7 minutes agoLouisiana receives $18.9 million in FEMA grants for hurricane recovery
-
Maine13 minutes agoMaine Trash Kings turns clutter into cash across Searsport
-
Maryland19 minutes agoSee which baby names were the most popular in DC, Maryland, and Virginia in 2025
-
Michigan25 minutes agoMan curses Arab candidate after allegedly tossing brick at office
-
Massachusetts31 minutes agoTrauma foam developed by Massachusetts company used to stop internal bleeding in first patient
-
Minnesota37 minutes agoMinnesota could see northern lights tonight, here’s how
-
Mississippi43 minutes agoGolden Spikes watchlist features players from Mississippi State, Ole Miss – SuperTalk Mississippi