Plex, the popular US media streaming service platform, has confirmed a data breach affecting the majority of its 30 million users.
The company, which runs a streaming service and media player platform that allows you to enjoy shows or stream music from your own collection on most operating systems, notified impacted individuals that suspicious system activity was detected Aug. 23. It immediately began an investigation.
Letters notifying users of a mandatory password reset were sent the next day.
“Yesterday, we discovered suspicious activity on one of our databases,” the data breach letter reads. “We immediately began an investigation and it does appear that a third-party was able to access a limited subset of data that includes emails, usernames, and encrypted passwords.”
“Even though all account passwords that could have been accessed were hashed and secured in accordance with best practices, out of an abundance of caution we are requiring all Plex accounts to have their password reset”
The letter also reassured users that their financial information, including credit card data, was not affected, as they are not stored on its servers. The company also said it uncovered the mechanism, which allowed the threat actor to infiltrate its system, and has deployed a fix.
Plex’s streaming website was briefly offline the day of the incident. However, users are now able to reset passwords and enable two-factor authentication (2FA) for extra security.
Plex users should also be extra vigilant for phishing attacks leveraging the incident, and never give out personal or financial information via unsolicited emails.
Boosting online privacy and security with Bitdefender Digital Identity Protection
Bitdefender Digital Identity Protection continuously monitors your personal information, alerting you in real time in case of data breaches and leaks. This lets you immediately change your passwords and secure your accounts to prevent financial loss or even social media impersonation, which can ruin your reputation.
Managing your digital footprint has never been easier. With our dedicated privacy tool, you can:
- Discover the extent of your digital footprint
- Find out if your personal information was exposed in legal and illegal collections of data
- Benefit from 24/7 data breach monitoring for up to five email addresses
- Get instant alerts to new breaches and privacy threats
- Detect social media doppelgangers