In an email notification sent to the users’, Plex noted suspicious activity on their databases yesterday. While they didn’t mention any identifiable details of those who had accessed it, Plex immediately rectified the issue and started informing the community. Among those details leaked include the PII of users except the credit card data.
Data Breach at Plex
When you have loads of media playing in your local library, Plex is something you should have to properly organize and stream. Though it offers a premium subscription for extra features and flexibility, its free tier is the biggest flex it got. With that, Plex gathered millions of fans across the world but now had fallen victim to a data breach! As it emailed some of its customers, the platform discovered suspicious activity on one of its databases, where an unknown third party had accessed a “limited subset of data that includes emails, usernames, and encrypted passwords”. It’s reported that the threat actor has stolen a part of it too. Though Plex has hashed (encrypted) all the account passwords, it’s resetting all of them as an abundance of caution. Asking users to set them again, Plex assured them that no credit card or other payment data had been breached. So if you’re a Plex user of any kind, it’s strongly advised to change your password right now. And when doing so, name sure you set a strong one with a mix of alphabets, numbers, and special characters, and log out from all other devices. This makes sure no other party is accessing your Plex account from any other device that you may have left unattended. For this, mark the checkbox on the login page while setting up a new password.