Streaming multimedia platform Plex reported a hacker attack during which attackers managed to access the database and steal passwords, usernames and email addresses belonging to at least 15 million people.
Emails sent by Plex to users say the attackers were able to gain access to a “limited subset” of accounts whose passwords were “hashed and protected by best practices.”
However, the company encourages all users to change their passwords as soon as possible. However, Plex does not force password resets, and when you try to log in with old credentials, you are not prompted to reset your password. Everything will have to be done manually, and after changing the password, it is recommended to log out of all connected devices, and then log in again.
Rest assured that credit cards and other payment details are not stored on our servers at all and were not affected in this incident.
Also, the Plex developers claim that they have already determined how outsiders were able to access the database and fixed the problem. However, the company does not disclose any details about the attack and the measures taken after it.
Interestingly, the plex.tv website has been down for quite some time, and it is not entirely clear whether this was due to unauthorized access to the database or the platform was subjected to a separate DDoS attack. Some users believe that the servers simply could not withstand the influx of people wanting to change the password.