Media streaming platform Plex has notified users of a recent “security incident” in which personal information was stolen. As a precaution, the company recommends that users reset their passwords.
An unauthorized party managed to access “a limited subset of customer data” from one of its databases. This database contained the personal information of Plex users, including usernames, emails, and hashed passwords.
No financial information, like credit card data, is stored on Plex’s servers, so this information hasn’t been compromised.
Although Plex believes the security incident's actual impact is limited, the company recommends that users reset their passwords immediately by visiting https://plex.tv/reset and following the instructions.
It’s also suggested to check the checkbox “Sign out connected devices after password change.” All devices will be logged out, and users will need to sign back in with their new password.
“We understand that this means a little more work for you, but it will provide additional security to your account,” the company says in an email addressed to affected customers.
Lastly, to improve account security, Plex advises enabling two-factor authentication (2FA) for those who haven’t done that already.
It remains unclear how the attackers gained access to Plex’s IT network. The media streaming software developer says it has taken additional security measures to prevent recurrence.
“We’ve already addressed the method that this third party used to gain access to the system, and we’re undergoing additional reviews to ensure that the security of all of our systems is further hardened to prevent future attacks,” the company promises.
Your email address will not be published. Required fields are markedmarked