Plex forces password resets after database access incident


Level 66
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases.

According to the letter that a reader shared with BleepingComputer, the intruder potentially accessed a limited subset of data, including email addresses, usernames, and encrypted passwords.

"Even though all account passwords that could have been accessed were hashed and secured in accordance with best practices, out of an abundance of caution, we are requiring all Plex accounts to have their password reset," claims Plex's notice.

"Rest assured that credit card and other payment data are not stored on our servers at all, and were not vulnerable at this incident".

Plex claims that it has identified the means by which the third-party accessed the database and addressed the problem to harden its systems and prevent similar incidents from re-occurring in the future.

Troy Hunt, creator of data breach monitoring service 'Have I Been Pwned' also found himself among the impacted users.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.