Plex Data Breach: Change Your Password Now

Plex is urging all users to immediately update their passwords following a security breach that compromised sensitive customer information. The streaming service confirmed unauthorized access to one of its databases, which contained usernames, email addresses, and encrypted passwords, along with other authentication details.

Although the exposed passwords were scrambled, making them unreadable in their raw form, the company has not ruled out the possibility that attackers could decipher them. There is also concern that the stolen authentication data might be leveraged to gain entry into user accounts. Plex advises customers to reset their passwords using the official password reset form and to sign out from all connected devices as a precaution.

Unlike many organizations that force password resets after such incidents, Plex has opted to recommend, rather than require, the change. The reasoning behind this decision remains unclear. So far, the company has shared limited information about the breach, stating only that it has addressed the vulnerability exploited by the intruder.

Plex has not disclosed the number of affected accounts, though the platform boasts a global user base of approximately 25 million. Critical details, such as when the breach occurred, how long the system was exposed, and whether third-party services were impacted, have not been released. The company has also remained silent on whether the incident involved ransomware or any form of extortion.

A request for comment sent to Plex spokesperson Jessica Finn was not answered by the time of publication.

(Source: TechCrunch)