large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Plex confirms massive data breach and triggers password reset

The media streaming service Plex has informed users of a serious data breach that has compromised personal information.

The platform, which is popular among cord-cutters and those with a large library of downloaded content, e-mailed users advising them to reset passwords following the attack which took advantage of a security flaw.

While usernames and email addresses were exposed, Plex says the passwords stolen were all hashed and encrypted limiting the possibility for exposure. The company says it followed best practice for encryption. Credit card information and payment data was not part of the breach, Plex assures.

“Yesterday, we discovered suspicious activity on one of our databases. We immediately began an investigation and it does appear that a third-party was able to access a limited subset of data that includes emails, usernames, and encrypted passwords,” it wrote in the correspondence to subscribers.

Plex says it has plugged the security issue that enabled hackers to compromise users’ data and is going to extra lengths to ensure its defences are tight.

The company added: “We’ve already addressed the method that this third-party employed to gain access to the system, and we’re doing additional reviews to ensure that the security of all of our systems is further hardened to prevent future incursions.”

While the chances of the accounts being cracked are low due to the password hashing, it’s always best to turn on on two factor authentication when available – as it is with Plex – or use a password manager to generate secure passwords.

If you haven’t already, you can change your password via the instructions detailed here.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have millions of users a month from around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.