Plex: Change your account passwords right away

Plex: Change your account passwords right away


Plex, a well-known media streaming service, as well as a popular client-server media player platform, has sent an email to all its users urgently inviting them to change the password of their accounts.

The company uncovered a possible breach involving Plex account information after noticing suspicious activity on one of its databases. Although the actual impact of the incident is believed to be minor, Plex still preferred to take a cautious approach, consequently asking all its users to change their password.

Users can visit this page and complete the password reset procedure. On this occasion, the company reminds everyone that no Plex employee will ever contact users requesting passwords or credit card numbers, therefore, the page linked above is the only way to intervene in this situation. br>
The company has also advised to use two-factor authentication (2FA) as an additional method of account protection, which we also feel we can give to all users, regardless of whether they use Plex .

Plex warns users to reset passwords after data breach

Streaming media platform Plex has confirmed a data breach and is warning users to change their passwords.

Plex said it discovered the compromise on Tuesday and found the intruder had accessed “a limited subset of data that includes emails, usernames, and encrypted passwords.” Plex said passwords are hashed — essentially scrambled in a way that makes them unreadable to humans — but did not say what kind of hashing algorithm was used, since some older or weaker algorithms can be defeated to reveal user passwords. Plex said credit card and payment data is not stored on its servers.

Plex is one of the largest media streaming apps, allowing users to stream movies and live television, as well as their own audio, video and photos hosted on their own home media servers. As of last year, Plex had more than 25 million registered users.

It’s not clear how many users are affected by the data breach, but Plex is asking all users to reset their own passwords. After Plex emailed users about the breach overnight, some said that their password resets weren’t working or were throwing errors when trying to sign out of other connected devices.

Plex said in its email to customers that it has “already addressed the method that this third-party employed to gain access to the system, and we’re doing additional reviews to ensure that the security of all of our systems is further hardened to prevent future incursions,” without saying what the cause of the intrusion was.

Details about the incident remain otherwise slim, and Plex has not yet announced the breach on its website or on its social media. Plex spokespeople did not immediately respond to our questions.

The Plex breach is a reminder to use a password manager and set up two-factor authentication wherever possible to make it significantly harder for attackers to take over your online accounts.