Plex.tv forums and Blog hacked


Recommended Posts

Got this security alert email last night:

 

 

IMPORTANT SECURITY NOTICE Dear Plex User, 

Sadly, we became aware this afternoon that the server which hosts our forums and blog was compromised. We are still investigating, but as far as we know, the attacker only gained access to these parts of our systems. Rest assured that credit card and other payment data are not stored on our servers at all. 

If you are receiving this email, you have a forum account which is linked to a plex.tv account. The attacker was able to gain access to IP addresses, private messages, email addresses and encrypted forum passwords (in technical terms, they are hashed and salted). Despite the password encryption measures, we take your privacy and security very seriously, so as a precaution, we're requiring that you change your password. 

Be sure to choose a strong password, never share it, and never re-use passwords for different accounts! Even better, use a password manager (1Password, for example) to manage a unique password for you. Access to your Plex account will be blocked until you do so. 

Please follow this link to choose a new password. 

We're sorry for the inconvenience, but both your privacy and security are very important to us and we'd rather be safe than sorry! 

We will post more detailed information on our blog shortly. Thanks for using Plex! 

The Plex Team

 

If you use the plex forums I highly suggest you change your password.  Also, chances are your plex account is tied to the plex forum account.  So, you might want to change your plex account password.

Edited by Steven P.
removed password token link
Link to comment
Share on other sites

I would strongly recommend you remove the link that you put... that links allows anyone to change YOUR password

Oof.. wow... I edited that link.. but seriously Plex?

Link to comment
Share on other sites

Would there be a list of popular sites that uses Plex? I may be using it and not realize it. 

 

None. It's a local video player app.

Link to comment
Share on other sites

I would strongly recommend you remove the link that you put... that links allows anyone to change YOUR password

 

if they send stuff like that through email, it is no surprise that they got hacked (borderline deserved it). Including links like that in emails may make it more convenient to change a user's password, but it definitely not a security best practice.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.