Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Generic User Avatar

Roku hacked and shortly after they made you sign to new terms.


  • Please log in to reply
10 replies to this topic

#1 SuperSapien64

SuperSapien64

  •  Avatar image
  • Members
  • 2,585 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:43 AM

Posted 12 March 2024 - 05:41 PM

This is just scummy what Roku did they made everyone of their users sign to a new terms and (so you can't sue them) and then shortly afterwards they get hacked very suspicious its almost like they suspected this was going to happen and instead of having some form of TFA they just covered their butts.

 

 

Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware

 

https://www.bleepingcomputer.com/news/security/over-15-000-hacked-roku-accounts-sold-for-50-each-to-buy-hardware/



BC AdBot (Login to Remove)

 


#2 Pkshadow

Pkshadow

    Me, Myself & I


  •  Avatar image
  • Members
  • 14,990 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:On the Brow of the Hill, West Coast, Canada
  • Local time:12:43 AM

Posted 12 March 2024 - 05:55 PM

Suggest that they already knew.

 

Stay up to date on it and look for a Class Action.


" mosquitoes really wake up everyday and choose violence "   — dalia (@_dalia7)
www.cnn.com/2020/07/23/health/mosquitoes-attraction-humans-future-wellness-scn/index.html
Ticks - Lyme disease & anaplasmosis - https://www.ctvnews.ca/health/what-you-should-know-about-the-tick-borne-disease-anaplasmosis-1.6942217
 
I-7 ASUS ROG Rampage II Extreme  / ASUS TUF Gaming F17 / I-7 4770K ASUS ROG Maximus VI Extreme

#3 buddy215

buddy215

  •  Avatar image
  • Moderator
  • 20,598 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:43 AM

Posted 12 March 2024 - 06:18 PM

Assuming what Roku has said about how the account info was obtained.....the Roku customer is to blame.

I have no reason to think Roku is being dishonest about that.

QUOTE:

On Friday, March 8, Roku sent out a notification to over 15,000 users to inform them about their accounts being breached by hackers.

Roku explained in the letter that the hackers likely obtained user data from other data breaches and used leaked username and password combinations to access Roku accounts. After gaining access to the Roku accounts, the hackers changed login details and, in some instances, tried to purchase streaming subscriptions with the stored credit card information.

 

I take the precaution of not allowing my browser to save login info and CC info on websites that I have used my CC on.

I have a ROKU device and am not concerned about my account being one that was compromised. Nor have I received

a notification from ROKU.


 

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
If we are to have another contest in the near future of our national existence, I predict that the dividing line will not be Mason and Dixon’s, but between patriotism and intelligence on the one side, and superstition, ambition, and ignorance on the other. Ulysses S. Grant...Republican president who correctly predicted the cause of Trump's attempted coup.

 

 


#4 SuperSapien64

SuperSapien64
  • Topic Starter

  •  Avatar image
  • Members
  • 2,585 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:43 AM

Posted 12 March 2024 - 06:55 PM

 

Assuming what Roku has said about how the account info was obtained.....the Roku customer is to blame.

I have no reason to think Roku is being dishonest about that.

QUOTE:

On Friday, March 8, Roku sent out a notification to over 15,000 users to inform them about their accounts being breached by hackers.

Roku explained in the letter that the hackers likely obtained user data from other data breaches and used leaked username and password combinations to access Roku accounts. After gaining access to the Roku accounts, the hackers changed login details and, in some instances, tried to purchase streaming subscriptions with the stored credit card information.

 

I take the precaution of not allowing my browser to save login info and CC info on websites that I have used my CC on.

I have a ROKU device and am not concerned about my account being one that was compromised. Nor have I received

a notification from ROKU.


 

 

Well neither have I received an email from Roku but I changed my password all the same, just to be safe. And I also don't save my passwords in my browser I use a password manager namely KeepassXC.



#5 cryptodan

cryptodan

    Bleepin Madman


  •  Avatar image
  • Members
  • 36,797 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:43 AM

Posted 12 March 2024 - 09:18 PM


Assuming what Roku has said about how the account info was obtained.....the Roku customer is to blame.
I have no reason to think Roku is being dishonest about that.
QUOTE:
On Friday, March 8, Roku sent out a notification to over 15,000 users to inform them about their accounts being breached by hackers.
Roku explained in the letter that the hackers likely obtained user data from other data breaches and used leaked username and password combinations to access Roku accounts. After gaining access to the Roku accounts, the hackers changed login details and, in some instances, tried to purchase streaming subscriptions with the stored credit card information.
 
I take the precaution of not allowing my browser to save login info and CC info on websites that I have used my CC on.
I have a ROKU device and am not concerned about my account being one that was compromised. Nor have I received
a notification from ROKU.


The fact you haven't been notified is suspicious and is enough reason not to trust or use roku in my professional cyber security opinion.
US Navy Veteran from 2002 to 2006
Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015
Arch Desktop - https://termbin.com/1h62
Arch Laptop - hhttps://www.termbin.com/98dd
Ubuntu Server - https://termbin.com/ng9t

#6 SuperSapien64

SuperSapien64
  • Topic Starter

  •  Avatar image
  • Members
  • 2,585 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:43 AM

Posted 16 March 2024 - 05:59 PM

I think Pkshadow has a point because it looks like Roku had knowledge ahead of time about this hack, and that's why they forced everyone to sign a agreement in order to use your Roku device.



#7 buddy215

buddy215

  •  Avatar image
  • Moderator
  • 20,598 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:43 AM

Posted 16 March 2024 - 06:07 PM

There is no reason to think something suspicious about me not being notified. Roku said it

notified the 15,000 users whose login credentials were obtained and offered for sale.

I have no reason to doubt what Roku has said about how that info was obtained. It was not

obtained from their servers but from some other means due to users not properly protecting

their login info.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
If we are to have another contest in the near future of our national existence, I predict that the dividing line will not be Mason and Dixon’s, but between patriotism and intelligence on the one side, and superstition, ambition, and ignorance on the other. Ulysses S. Grant...Republican president who correctly predicted the cause of Trump's attempted coup.

 

 


#8 SuperSapien64

SuperSapien64
  • Topic Starter

  •  Avatar image
  • Members
  • 2,585 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:43 AM

Posted 16 March 2024 - 06:11 PM

There is no reason to think something suspicious about me not being notified. Roku said it

notified the 15,000 users whose login credentials were obtained and offered for sale.

I have no reason to doubt what Roku has said about how that info was obtained. It was not

obtained from their servers but from some other means due to users not properly protecting

their login info.

Sheesh why do web browsers still offer the option to store passwords when there are so times this is exploited. I mean they lack proper encryption. :rolleyes:



#9 cryptodan

cryptodan

    Bleepin Madman


  •  Avatar image
  • Members
  • 36,797 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:43 AM

Posted 16 March 2024 - 06:21 PM

There is no reason to think something suspicious about me not being notified. Roku said it
notified the 15,000 users whose login credentials were obtained and offered for sale.
I have no reason to doubt what Roku has said about how that info was obtained. It was not
obtained from their servers but from some other means due to users not properly protecting
their login info.


Sorry but I disagree with your security assessment of the Roku Breach they are supposed to notify all users of their service regardless of whose login details were used. I've been informed by many companies that were part of a breach to change my credentials immediately to mitigate the impact of other accounts being used by unauthorized users of the service.

That's how smart and intelligent service providers operate.
US Navy Veteran from 2002 to 2006
Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015
Arch Desktop - https://termbin.com/1h62
Arch Laptop - hhttps://www.termbin.com/98dd
Ubuntu Server - https://termbin.com/ng9t

#10 cryptodan

cryptodan

    Bleepin Madman


  •  Avatar image
  • Members
  • 36,797 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:43 AM

Posted 16 March 2024 - 06:23 PM


There is no reason to think something suspicious about me not being notified. Roku said it
notified the 15,000 users whose login credentials were obtained and offered for sale.
I have no reason to doubt what Roku has said about how that info was obtained. It was not
obtained from their servers but from some other means due to users not properly protecting
their login info.

Sheesh why do web browsers still offer the option to store passwords when there are so times this is exploited. I mean they lack proper encryption. :rolleyes:

My credentials have never been stolen off my browsers in the many years I've been using computers they have always been stolen via other means and methods not involving my home network.
US Navy Veteran from 2002 to 2006
Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015
Arch Desktop - https://termbin.com/1h62
Arch Laptop - hhttps://www.termbin.com/98dd
Ubuntu Server - https://termbin.com/ng9t

#11 SuperSapien64

SuperSapien64
  • Topic Starter

  •  Avatar image
  • Members
  • 2,585 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:43 AM

Posted 17 March 2024 - 02:23 PM

@cryptodan

 

Hmm I guess maybe Roku might be at fault after all.

 

Roku's Data Breach Nightmare & Forced Arbitration Scandal, Why They Held Your TV Hostage: https://www.youtube.com/watch?v=hgV9VWeCnN4

 

I think Louis has a point here.






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users