Particle.news
Download on the App Store
15 ARTICLES
·
yesterday

Plex Tells Users to Reset Passwords After Breach Exposes Hashed Login Data

Key technical and scope details remain undisclosed.

array of Plex channels
Image
To protect yourself, even if you weren't notified of being affected, it's a good idea to change your password and make sure you have 2FA enabled.
Image

Overview

  • Plex says an unauthorized party accessed a limited subset of a user database containing emails, usernames, securely hashed passwords, and authentication data.
  • The company says it quickly contained the intrusion, closed the access method used, and is conducting additional security reviews.
  • Users are urged to reset passwords, enable the option to sign out connected devices, turn on two-factor authentication, or sign out all SSO sessions.
  • Plex says payment cards were not affected because it does not store card data on its servers.
  • Plex has not disclosed how many accounts were impacted, which hashing algorithm was used, or the breach timeframe, and reports note similar incidents in 2022 and 2015 with some users not receiving notices.