I don't know how many of you saw this news
https://www.reuters.com/technology/cybersecurity/roku-says-more-than-500000-accounts-impacted-by-cyber-attack-2024-04-12/ROKU on Friday said it identified a second cyberattack that affected 576,000 additional accounts while investigating a breach that affected 15,000 user accounts earlier this year.
The company, which had more than 80 million active accounts, said the hackers did not gain access to any sensitive information such as full credit card numbers or other payment details.
Roku's shares were down about 2% in early trading.
However, the company said it identified less than 400 cases where the information was used to make unauthorized purchases of streaming service subscriptions and hardware products using the payment method stored in the accounts.
The company said it would refund or reverse charges for accounts where it has determined unauthorized purchases have been made as part of the attack.
Roku pinned the unauthorized access to "credential stuffing", where users may have used the same credentials across different platforms.
Meanwhile, the company has enabled a two-factor authentication for all the accounts to beef up security controls.
Base on their Report you can see that this attack was happened because these customers used the same information they used on other platforms were a data breach have occurred.
I use this to bring to our noticed that we shouldn't use the same Information like email, password or other informations we used on our bitcointalk or any of our crypto related accounts were our funds are being saved in order to avoid any of this. This is among the core practices expected from a bitcoiner or any crypto investor.
Also here is site to check if your email has ever experienced a data breach online
https://haveibeenpwned.com/ While they have been trustworthy for long and have good data policy, it should be noted that some people are actually cautious of reviewing this info to them out of the fact that they think once they do this, it may be Trace to them through various ways like IP, though I do use it and it really work well for me since it gives me info on the platform were the data breach occurred