Comment on Roku suffered another data breach, this time affecting 576,000 accounts
Nougat@fedia.io 6 months ago
This is not a "Roku data breach."
This is a use of compromised user credentials, with Roku as the target.
Comment on Roku suffered another data breach, this time affecting 576,000 accounts
Nougat@fedia.io 6 months ago
This is not a "Roku data breach."
This is a use of compromised user credentials, with Roku as the target.
Ghostalmedia@lemmy.world 6 months ago
Yeah, but they don’t have contemporary best practices in place that would’ve reduced their exposure to this.
Nougat@fedia.io 6 months ago
The only thing that would have prevented this in this context would be mandatory MFA. Did they have that? No, but there's a huge number of places that are way more sensitive than a streaming platform that don't have mandatory MFA (coughETradecough).
It is wholly misleading to characterize this as a "Roku data breach," and it's disingenuous to portray Roku in this instance as somehow glaringly worse than everyone else.
Cocodapuf@lemmy.world 6 months ago
Wouldn’t salted hashes have prevented this?
You just add some extra characters to every password before hashing and then stolen hashes and rainbow tables don’t work any more.
Nougat@fedia.io 6 months ago
No. Nobody has stolen hashes. They have usernames and passwords collected from elsewhere, that they tried against Roku, because people tend to reuse usernames and passwords.