Plex was compromised, exposing usernames, emails and passwords


Streaming media platform Plex sent an email to its customers earlier today informing them of a security breach in which account information, including usernames, email addresses and passwords, may have been compromised. Although there is no indication that the encrypted passwords have been released, Plex nevertheless advises all users to change their passwords immediately.

Plex is one of the largest media server apps available and is used by approximately 20 million people to stream video, audio and photos that they upload themselves, in addition to an increasing variety of content the service offers to paying subscribers.

The email reads: “Yesterday we discovered suspicious activity in one of our databases. We immediately launched an investigation and it appears that a third party had access to a limited subset of data, including emails, usernames and encrypted passwords.” There is no confirmation that other personal account information has been compromised, and there is no mention of private media libraries (which may or may not contain illegal content, private nude photos, and other sensitive content) accessed during the breach.

Plex assures customers that “all account passwords that could have been accessed have been hashed and secured in accordance with best practices.” Financial information also appears to be safe despite the breach, with the email stating “credit card and other payment details are not stored on our servers at all and were not vulnerable to this incident.”

The cause of the breach has been found and Plex has taken action to prevent others from taking advantage of the same security flaw. “We have already discussed the method this third party used to access the system and we are doing additional assessments to ensure that the security of all our systems is further strengthened to prevent future incursions.”

If you have a Plex account, you should take steps to secure it immediately following these company instructions. You should also enable 2-factor authentication if you haven’t already. Plex puts the Two-Factor Authentication option under your account page.

In addition, you should use a free or paid password manager to easily manage unique, hard-to-guess passwords and 2fa codes for all your apps, services, and sites. Web browsers like Google Chrome, Microsoft Edge, and Safari have decent built-in options these days, although dedicated services are also available from Bitwarden, 1Password, and Lastpass. Some password managers will warn you about passwords that have been hacked online and will autofill passwords when prompted by apps and websites on your desktop and phone.

The Valley Voice
The Valley Voice
Christopher Brito is a social media producer and trending writer for The Valley Voice, with a focus on sports and stories related to race and culture.


Please enter your comment!
Please enter your name here

Share post:


More like this

U.S. Rep. Jerry Carl: We need an economy that’s strong

Americans can no longer afford a one-party Democrat system....

Democrat Mandela Barnes on How He’d Improve Your Life

The current lieutenant governor would be Wisconsin's first black...

‘It’s a joke first and a game second’: how the delightful Trombone Champ went viral | Games

Trombone Champ, the musical computer game, has received more...

Thumping bass heard in SF, East Bay during Portola Festival

A pounding bass - boom, boom, boom - could...