If you’ve ever signed up to be a member of the Plex forums, now may be a good time to change your password. Plex yesterday announced that the servers on which its blog and forums are hosted have been breached, leaving IP addresses, private messages, email addresses and encrypted forum passwords vulnerable. The company says that only forum members are affected, and everyone’s credit card and other payment data is completely safe.
Because of this data breach, the Plex team is strongly suggesting that everyone change their passwords. If you happen to visit the website while logged in with an affected account, you’ll automatically be redirected to the Change your password screen. The company sent out an email this morning to warn affected users of the attack. The email reads:
Dear Plex User,
Sadly, we became aware this afternoon that the server which hosts our forums and blog was compromised. We are still investigating, but as far as we know, the attacker only gained access to these parts of our systems. Rest assured that credit card and other payment data are not stored on our servers at all.
If you are receiving this email, you have a forum account which is linked to a plex.tv account. The attacker was able to gain access to IP addresses, private messages, email addresses and encrypted forum passwords (in technical terms, they are hashed and salted). Despite the password encryption measures, we take your privacy and security very seriously, so as a precaution, we’re requiring that you change your password.
Be sure to choose a strong password, never share it, and never re-use passwords for different accounts! Even better, use a password manager (1Password, for example) to manage a unique password for you. Access to your Plex account will be blocked until you do so.
Please follow this link to choose a new password.
We’re sorry for the inconvenience, but both your privacy and security are very important to us and we’d rather be safe than sorry!
We will post more detailed information on our blog shortly. Thanks for using Plex!
The Plex Team
If the company reveals any more information about the attack, we’ll be sure to update you. In the mean time, be sure to change your passwords.