10:06 AM EDT, 04/12/2024 (MT Newswires) -- Roku ( ROKU ) said Friday it has determined that "unauthorized actors" had accessed nearly 600,000 Roku ( ROKU ) accounts in two separate breaches using login usernames and passwords stolen from a source unrelated to the company.

The company said, however, that these unauthorized users did not gain access to any sensitive information, including full credit card numbers or other full payment information.

The company said in a blog post that it detected an increase in unusual account activity earlier this year and determined after an investigation that about 15,000 Roku ( ROKU ) accounts had been illegally accessed. After notifying the affected customers in early March, the company said it continued to monitor account activity, which led to the discovery of a second incident that affected approximately 576,000 additional accounts.

Roku ( ROKU ) said it uncovered fewer than 400 cases in which unauthorized purchases of streaming service subscriptions and Roku ( ROKU ) hardware products were made using the payment method stored in the accounts.

In response to the incidents, the company said it has reset the passwords for all affected accounts and is notifying the customers directly. It is also refunding or reversing charges for the accounts under which the unauthorized purchases were made. Roku ( ROKU ) also said it has enabled two-factor authentication for all Roku ( ROKU ) accounts, including those unaffected by the breaches.

Price: 60.88, Change: -1.07, Percent Change: -1.73