Plex imposes password reset after hackers steal data for >15 million users

At least half of the company's 30 million customers were affected by the hack, which resulted in the theft of passwords, usernames, and emails.

Company officials wrote in an email to customers that they discovered suspicious activity on a database. It appears that a third-party was able to access a limited subset of data that included emails, usernames, and passwords.

According to the email, the passwords were secured in accordance with best practices, meaning that they were scrambled in a way that required attackers to devote additional resources to crack them. The passwords were hashed with bcrypt, which is one of the strongest passwords protection methods.

Customers are required to reset their passwords. Here you can find step-by-step instructions. Signing out of all connected devices is recommended by the company.

Advertisement

The email stated that no payment card details were stored in the database that was accessed.

People were having trouble logging in to their accounts. Troy Hunt was able to log in to his account with a few errors.

🤦‍♂️ pic.twitter.com/33B8g1FJDA

— Troy Hunt (@troyhunt) August 24, 2022

A third person connected to Ars was told to reset his password after he received an email from Plex. He was sent an email when he couldn't log in.

Plex is a major provider of media streaming services that allow users to stream movies and audio, play games, and access their own content hosted on home or on- premises media server The company has more than 30 million registered users and most of them were affected by the breach, according to the company's spokesman.

The means the intruders used to gain access to the database have been found, according to Wednesday's notification. Engineers are doing more reviews to make sure there aren't any more breeches that occur again.