In order to alert its users of a security breach, Plex has sent out an email. The email’s text discusses suspicious activities and a third party accessing a portion of a database while the subject line refers to a “possible data breach.”
The business claims that emails, usernames, and encrypted passwords were among the leaked data. All passwords were encrypted and hashed, but out of “an excess of caution,” all Plex users are required to update their security information.
According to Plex’s email: “You should be informed that yesterday there was an issue involving your Plex account information. Even while we think this incident won’t have much of an effect, we nevertheless want to make sure you have the knowledge and resources you need to keep your account safe “.
The user is then informed:
On one of our databases, we found strange activity yesterday. We started looking into it right away, and it does seem that a small subset of data, including emails, usernames, and encrypted passwords, was accessible by a third party. Despite the fact that all credentials that could have been accessed were hashed and secured in accordance with best standards, we are asking all Plex accounts to have their passwords reset out of an abundance of caution. Please be assured that no credit card or other payment information is ever stored on our servers and was not exposed in this incident.
The business claims it is making preparations to help prevent a similar incident from occurring again and is requiring all users to change their passwords.
To cut a long tale short, we politely ask that you promptly reset your Plex account password. There is a checkbox to “Sign out linked devices after password change” when doing this. Additionally, you will need to login in again using your new password on all of your devices (including any Plex Media Servers you may own). Although doing this will be annoying, doing it will boost security. To reset your password here , follow the step-by-step instructions in the help article we’ve created.