Particle.news
Download on the App Store
16 ARTICLES
·
4w ago

Plex Discloses Breach, Tells Users To Reset Passwords

The company has not said how many users were affected or which hashing method was used.

array of Plex channels
Image
Image
To protect yourself, even if you weren't notified of being affected, it's a good idea to change your password and make sure you have 2FA enabled.

Overview

  • Plex says an unauthorized party accessed a limited subset of data in one database, including email addresses, usernames, hashed passwords, and unspecified authentication data.
  • Payment card details were not affected because Plex does not store them on its servers.
  • Users are instructed to reset passwords, sign out of all connected devices (or all sessions for SSO), and enable two-factor authentication.
  • Plex says it has fixed the access method used in the intrusion and is conducting additional security reviews, but it has not detailed the timeline or scope.
  • Reporting notes Plex is pushing Plex Media Server updates to version 1.42.1 with a fix for CVE-2025-34158, and some server access may be temporarily blocked until owners update.