Dhruv Bhutani / Android Authority.
TL; DR
- Media server app Plex has announced a possible data breach.
- Emails, usernames and encrypted passwords were accessed as part of the incident.
- The company requires password resets for all accounts.
Plex is one of the most popular media streaming and media server apps around, allowing you to access your personal media content over the network and offering its own streaming library. However, the service has now announced a “potential data breach” and requires password resets for all accounts.
“We want you to know that there was an incident yesterday involving your Plex account information. While we believe the actual impact of this incident is limited, we want to make sure you have the right information and tools to keep your account secure,” the company wrote in an email to some users.
The group said yesterday that it had detected suspicious activity in a database.
We immediately began an investigation and it appears that a third party was able to access a limited set of data, including emails, usernames and encrypted passwords.
The company added that password resets are required for all accounts, even if they are “secured and secured in accordance with best practices.” Plex added that payment data is not stored on its servers and therefore was not affected by this breach. It also indicated that the method used in the breach has already been resolved and is conducting further security assessments.
So what else can you do? Well, the Plex team also says that checking the checkbox on the password reset page will log you out of all your devices after a password change. The company added that users should also enable two-step verification and never ask for your password or credit card information via email.
It’s also worth noting that some Plex users on the Android Authority team didn’t receive an email notifying them of the breach. We can tell that this alert is being sent gradually because the email states that passwords for all accounts will be reset.