Plex TV, a free premium-tier streaming platform called Plex Pass, suffered a data breach, exposing their customers’ sensitive information to hackers.
In an email to users on Wednesday, Plex disclosed that cybercriminals were able to gain access to customers’ passwords, email addresses, and usernames. The breach affects 15 million customers, which is nearly half of Plex’s users.
Plex urges users to change their password
“While account passwords are secured in accordance with best practices, we require all Plex users to reset their passwords,” the streaming platform said in the email.
Plex revealed it discovered “suspicious activity” in one of their databases. After investigating the issue, the streaming platform discovered that a third-party entity had access to a limited subset of data, including users’ emails, usernames and encrypted passwords. encrypted is the operative word here. Plex states that users’ password information is hashed and secured, but “as a precaution” it requires all Plex accounts to perform a password reset.
Don’t worry if you submitted your credit card information to subscribe to one of Plex’s premium tiers. According to Plex, you can breathe easy – your data is completely safe. “Rest assured that credit card and other payment information is not stored on our servers at all and was not vulnerable in this incident,” Plex said.
To change your Plex password, launch a private/incognito browser window. Then go to Plex’s password reset page (opens in new tab). Enter your email address and click ‘Send Instructions’. Within a minute or two, you should receive an email with instructions on how to proceed with the password reset process. See Plex’s support page on how to change your password (opens in new tab) for more detailed instructions.