Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The media streaming platform warns users of an “unauthorised third party” accessing customer data and recommends changing passwords.
Popular media streaming tool Plex advises customers to change their passwords and be aware of suspicious emails after disclosing that it was recently the victim of a “security incident”.
“We have recently experienced a security incident that may potentially involve your Plex account information,” Plex told its customers in a 9 September advisory.
“We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure.”
According to Plex, an “unauthorised third party” accessed a limited amount of customer data in one of the company’s databases.
“While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication data,” Plex said.
“Any account passwords that may have been accessed were securely hashed, in accordance with best practices, meaning they cannot be read by a third party. Out of an abundance of caution, we recommend you take some additional steps to secure your account (see details below). Rest assured that we do not store credit card data on our servers, so this information was not compromised in this incident.”
Plex said it has “addressed” the attack vector used by the threat actor and is conducting further reviews of its systems. Not all Plex users have been contacted at the time of publishing.
Many Plex users have flocked to the platform’s forum to complain of issues accessing their media servers after resetting their passwords, however.
“YOU PLEX PEOPLE! I changed my password according to YOUR instructions and now I can’t connect to my PLEX server,” one irate user said.
Another said: “Huge fail on the part of Plex.”
“They send out those notices but fail to let customers know they will have to reclaim their server. Not sure if you can even do it remotely.”
The issue appears to be similar to that many users experienced in the wake of a similar incident in August of 2022, when Plex warned users of another data breach at that time.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
