Plex is one of the most popular multi-service streaming media platforms in the world because of its sheer versatility and ability to integrate with multiple other platforms, services, and file types. Unfortunately for Plex users, the company behind the Plex media server has begun sending out emails to all users notifying them of a data breach. Here is what you need to know.
Thanks to a copy of the letter Plex has been sending out, which has been shared with BleepingComputer, we can report on some of the details of the breach, including the type of data that has been accessed and what you need to do about it.
According to the letter, the actor behind the breach gained access to a “limited subset of data that includes emails, usernames, and encrypted passwords.” Plex did have security measures in place to protect against occurrences such as this one but even still, the company is asking all users to reset their passwords. The letter says:
“Even though all account passwords that could have been accessed were hashed and secured in accordance with best practices, out of an abundance of caution we are requiring all Plex accounts to have their password reset.”
The letter does go on to say that no credit card and payment data has been exposed by the breach but there are other security concerns Plex users need to take into account. If you use the same password across multiple online accounts, then now is a good time to start changing your passwords as the actor who has pulled off the breach at Plex could potentially be able to use your repeated login details trying to access your other accounts. In fact, you should probably look at getting a password managing app such as LastPass, which will both securely store your passwords and automatically generate unique and secure passwords for all your accounts.
So far, Plex has said that it has identified the issue that allowed for the breach, but the long-term implications of the breach are still unclear. This means e will have to keep tracking this story to stay on top of developments.
In other cybersecurity news, Google has recently plugged a variety of security flaws on Google Chrome.