On 11/18/24, I got an email at around 2 in the morning from someone claiming to be from Roon Labs, saying that my credit card info needed to be updated. Thinking that yes, I did get a new card not too long ago, I need to update my account. So I tried twice to do the update as it failed the first time. Then it said it succeeded. Then I got a potential fraud email from Chase. They were right. Given my sleepy stupor in retrospect, I concluded something wasn’t quite right about the site I was using. It seemed a little clunky if I recall correctly. So, I confirmed on the phone with Chase that I’d been hacked. But my account was credited back and so the problem was resolved. So Roon Labs, there are hackers impersonating your company.
7 Likes
You have to be so careful these days. If there are hackers out there asking a Roon user to update their credit card, I wonder how they got a Roon users name and email? Glad the bank took care of you. Have a great day!
4 Likes
Indeed. Be very careful. If they know about you using Roon, then they probably know a lot more.
I would take today or when you can and take a look at any social media accounts, and places that you use online. Start by changing passwords, making sure that each place that you use has a different password. Maybe a password manager (although these are still not 100% safe). Lock down all profiles, only add people you know, etc.
It’s not to scare you, but you have to be very vigilant. It only takes a click in an email or a link somewhere to open your whole network and devices to a hacker.
Double check links by hovering your mouse over them, double check the domain/url. It’s easy to spoof or make a URL look official simply by adding a dot or hyphen.
2 Likes
Glad you got your money back.
People should enable 2FA on everything, Roon supports it. Yes it can be inconvenient to enter a code but if a site isn’t asking for the 2FA when it should it points to it being dodgy.
Plus Roon send me an email each time I log in.
3 Likes
It’s possible that Roon database had a security breach, in which case Roon is obligated to inform its users about the event. So someone from Roon please confirm if there has been a security breach leaking users account info?
Unlikely, as this is the only report since the incident affected the OP in November 2024.
Most likely, some kind of phishing scam. Indeed most incidents like this occur because we click on a link that’s not legit, especially when tired or distracted.
Therefore, always be vigilant, don’t automatically trust, check that email and web addresses are legitimate, and use 2FA plus strong unique passwords for every website / company.
3 Likes
Much higher odds they simply took a chance or matched email address from some other hack like other audio forum, etc.
In addition to 2FA, use a unique email address in addition to password. Less of a trail.
Trust no one. Do not respond to anything. Login directly to the web site you typed in yourself. Even ‘loved ones’ cannot be trusted to be who they say they are any longer.
4 Likes
Hey @phi4,
Thanks for writing in and sharing your report as well as your experience. There have not been any security breaches, so nothing to worry about there!
We will share your report with management and follow up with any further questions or additional information as needed. 
2 Likes
Hi, @benjamin, I’m the OP. Thanks for looking into this.
2 Likes
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.