Plex, the popular app for creating a home media playback server, has been hacked. Following the attack, the company says the attackers were able to access some of the users’ personal data, including their passwords, which were allegedly encrypted. As such, the company is now forcing all users to reset their passwords on the platform, whether or not their individual data was accessed as part of this security breach.
All Plex users will have to change their passwords
The Plex company has officially announced that its systems were compromised during the day yesterday, in an email to its users:
“We would like to inform you that an incident involving Plex account information occurred yesterday. While we believe the impact of this incident is limited, we want to make sure you have the information and tools you need to keep your account safe. We immediately began an investigation and it appears that someone outside the company was able to access a limited set of data that includes emails, account names and encrypted passwords.”, company representatives said.
Fortunately, it appears that users’ payment details could not be accessed, as Plex does not store on local servers the details of cards used to make payments for its services. So those who were worried about having to cancel their bank cards can rest easy about that. It wouldn’t be a bad idea, however, to change all similar password and email or username combinations used on the Plex service and enable two-step authentication where available, including on Plex.
The company says that as a result of this attack, the breach used to break into its systems has been fixed, and attacks like this should not affect user accounts in the future.