Streaming giant Roku has confirmed a second security incident in as many months, with hackers this time able to compromise more than half a million Roku user accounts.
In a statement Friday, the company said about 576,000 user accounts were accessed using a technique known as credential stuffing, where malicious hackers use usernames and passwords stolen from other data breaches and reuse the logins on other sites.
Roku said in fewer than 400 account breaches, the malicious hackers made fraudulent purchases of Roku hardware and streaming subscriptions using the payment data stored in those users’ accounts.
Two-factor authentication prevents credential stuffing attacks by adding an additional layer of security to online accounts.
By prompting a user to enter a time-sensitive code along with their username and password, malicious hackers cannot break into a user’s account with just a stolen password.
I’m getting hacked, I’m getting hacked bro, I’m getting hacked,” said one of the players allegedly compromised during a live stream of the gameplay.
On Tuesday, Respawn, the studio that develops Apex Legends posted a statement on X (formerly Twitter), addressing the incidents.
Conor Ford, who works on Apex Legends security team, wrote on X that he and his colleagues are working to address the issues.
Or other video game hacking incidents?
Or other video game hacking incidents?
On Sunday, two competitive esports players appeared to get hacked during a live streamed game, prompting the organizers to postpone the tournament.
Players were competing in the Apex Legends Global Series, a competitive esports tournament for the popular shooter game Apex Legends, which has a $5 million total prize pool.
I’m getting hacked, I’m getting hacked bro, I’m getting hacked,” said Genburten, holding his hands up during the game, according to a video they posted on X, which was also posted on multiple YouTube channels.
“I’m cheating, I’m cheating, I’m cheating, I’m fucking cheating,” said ImperialHal.
We will share more information soon,” announced the official Apex Legends Esports account on X.
Multinational technology giant Fujitsu confirmed a cyberattack in a statement Friday, and warned that hackers may have stolen personal data and customer information.
Fujitsu also did not say what kind of personal information may have been stolen, or who the personal information pertains to — such as its employees, corporate customers, or citizens whose governments use the company’s technologies.
Headquartered in Japan, Fujitsu has about 124,000 employees and serves government and private sector customers globally.
Fujitsu said it reported the incident to Japan’s data protection authority, Personal Information Protection Commission, “in anticipation” that personal information may have been stolen.
The company has not said whether it has filed required data breach notices with any other government or authority, including in the United States.
A U.S. government watchdog stole more than one gigabyte of seemingly sensitive personal data from the cloud systems of the U.S. Department of the Interior.
The good news: The data was fake and part of a series of tests to check whether the Department’s cloud infrastructure was secure.
The experiment is detailed in a new report by the Department of the Interior’s Office of the Inspector General (OIG), published last week.
The tests were conducted between March 2022 and June 2023, the OIG wrote in the report.
The Department of the Interior manages the country’s federal land, national parks and a budget of billions of dollars, and hosts a significant amount of data in the cloud.
Anycubic users say their 3D printers were hacked to warn of a security flawAnycubic customers are reporting that their 3D printers have been hacked and now display a message warning of an alleged security flaw in the company’s systems.
Feel free to disconnect your printer from the internet if you don’t wanna get hacked by a bad actor!
You have not been harmed in any way.”The text file described an unspecified vulnerability in Anycubic’s MQTT service, which allegedly allows the ability to “connect and control” customer 3D printers that are connected to the internet.
The person who authored the text file claimed they sent the message to 2.9 million Anycubic 3D printers.
“Disconnect your printer from the internet until anycubic patches this issue,” the text file reads.
UnitedHealth says Change Healthcare hacked by nation state, as pharmacy outages drag onU.S. health insurance giant UnitedHealth Group said Thursday in a filing with government regulators that its subsidiary Change Healthcare was compromised likely by government-backed hackers.
In a filing Thursday, UHG blamed the ongoing cybersecurity incident affecting Change Healthcare on suspected nation state hackers but said it had no timeframe for when its systems would be back online.
UHG did not attribute the cyberattack to a specific nation or government, or cite what evidence it had to support its claim.
Change Healthcare provides patient billing across the U.S. healthcare system.
Change Healthcare has not yet disclosed the specific nature of its cyberattack.
Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network.
Midnight Blizzard is a notorious hacking group that is widely believed to be sponsored by the Russian government.
HPE said an internal investigation has since determined that the Russia-backed hacking group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023.
“The accessed data is limited to information contained in the users’ mailboxes,” Bauer told TechCrunch.
“We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch.
Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network.
Midnight Blizzard is a notorious hacking group that is widely believed to be sponsored by the Russian government.
HPE said an internal investigation has since determined that the Russia-backed hacking group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023.
“The accessed data is limited to information contained in the users’ mailboxes,” Bauer told TechCrunch.
“We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch.
Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network.
Midnight Blizzard is a notorious hacking group that is widely believed to be sponsored by the Russian government.
HPE said an internal investigation has since determined that the Russia-backed hacking group “accessed and exfiltrated data” from a “small percentage” of HPE mailboxes starting in May 2023.
“The accessed data is limited to information contained in the users’ mailboxes,” Bauer told TechCrunch.
“We don’t have the details of the incident that Microsoft experienced and disclosed last week, so we’re unable to link the two at this time,” Bauer told TechCrunch.