Plex has reported a recent security incident involving unauthorized access to a limited set of customer data, including emails, usernames, and securely hashed passwords. The company asserted that the impact appears to be minimal, but it requires users to take immediate action to secure their accounts.
In detail, an unauthorized third party accessed customer data from one of Plex’s databases. While the passwords accessed were securely hashed and not readable by a third party, Plex advises all users to reset their passwords as a precaution. Users can do this by visiting a specified link provided in Plex’s communication. The company also clarified that no credit card information was compromised during the incident.
To mitigate risks, Plex has already addressed the vulnerability that led to this unauthorized access and is taking additional measures to strengthen the security of its systems to prevent future incidents. Users are encouraged to reset their passwords immediately and have the option to log out of all connected devices during this process, which adds an extra layer of security.
Plex highlights that no employee will ever request a password or credit card information via email. For enhanced account security, the company recommends enabling two-factor authentication if users haven’t done so already.
Plex has expressed regret for any inconvenience this event may cause and reassured customers of its commitment to improving security measures moving forward. For detailed instructions on resetting passwords, Plex has provided a link to their support page.
Source: https://www.theverge.com/news/774188/plex-breach-change-password-email