Media streaming platform Plex is warning customers to reset their passwords following a new data breach that exposed user authentication data.
According to a breach notification shared with BleepingComputer, attackers gained access to one of Plex’s databases and stole emails, usernames, securely hashed passwords, and authentication data.
“An unauthorized third party accessed a limited subset of customer data from one of our databases,” the company said. While Plex stressed that all exposed passwords were securely hashed using industry best practices, it has urged users to reset their passwords out of “an abundance of caution.”
Plex recommends users reset their password at plex.tv/reset and enable the option to “Sign out connected devices after password change”. This will log out all devices tied to the account, requiring users to log back in manually. Those using single sign-on (SSO) should log out of all active sessions by visiting plex.tv/security.
The company has reassured users that no payment card data was compromised, as Plex does not store financial information on its servers. Plex also reminded users to enable two-factor authentication (2FA) for added account security and reiterated that it will never request passwords or payment details via email.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
