Plex security breach
Jul 1, 2015, 9:29 pm
#1
Original Poster
Join Date: Feb 2005
Location: Hong Kong
Posts: 2,068
Plex security breach
FYI if you already haven't been alerted:
https://www.reddit.com/r/PleX/commen...forums_hacked/
At present it seems the Plex forums and blog are down at the moment.
This is an email I received from Plex:
"Dear Plex User,
Sadly, we became aware this afternoon that the server which hosts our forums and blog was compromised. We are still investigating, but as far as we know, the attacker only gained access to these parts of our systems. Rest assured that credit card and other payment data are not stored on our servers at all.
If you are receiving this email, you have a forum account which is linked to a plex.tv account. The attacker was able to gain access to IP addresses, private messages, email addresses and encrypted forum passwords (in technical terms, they are hashed and salted). Despite the password encryption measures, we take your privacy and security very seriously, so as a precaution, we're requiring that you change your password.
Be sure to choose a strong password, never share it, and never re-use passwords for different accounts! Even better, use a password manager (1Password, for example) to manage a unique password for you. Access to your Plex account will be blocked until you do so.
Please follow this link to choose a new password.
We're sorry for the inconvenience, but both your privacy and security are very important to us and we'd rather be safe than sorry!
We will post more detailed information on our blog shortly. Thanks for using Plex!
The Plex Team "
https://www.reddit.com/r/PleX/commen...forums_hacked/
At present it seems the Plex forums and blog are down at the moment.
This is an email I received from Plex:
"Dear Plex User,
Sadly, we became aware this afternoon that the server which hosts our forums and blog was compromised. We are still investigating, but as far as we know, the attacker only gained access to these parts of our systems. Rest assured that credit card and other payment data are not stored on our servers at all.
If you are receiving this email, you have a forum account which is linked to a plex.tv account. The attacker was able to gain access to IP addresses, private messages, email addresses and encrypted forum passwords (in technical terms, they are hashed and salted). Despite the password encryption measures, we take your privacy and security very seriously, so as a precaution, we're requiring that you change your password.
Be sure to choose a strong password, never share it, and never re-use passwords for different accounts! Even better, use a password manager (1Password, for example) to manage a unique password for you. Access to your Plex account will be blocked until you do so.
Please follow this link to choose a new password.
We're sorry for the inconvenience, but both your privacy and security are very important to us and we'd rather be safe than sorry!
We will post more detailed information on our blog shortly. Thanks for using Plex!
The Plex Team "
Jul 2, 2015, 7:02 am
#3
Join Date: Dec 2009
Location: RDU
Programs: DL DM+(segs)/MM, UA Ag, Hilton DM, Marriott Ti (life Pt), TSA Opt-out Platinum
Posts: 3,227
Bad news for Plex, but I appreciate them coming forward quickly. I use their forums often.
You don't have to pay for it... Most of the people I know who use it don't pay anything.
Now there are additional features for paid users that I find valuable so I bought a lifetime pass for $75. Specifically the ability to offline sync shows and movies to my iPad for long flights.
You don't have to pay for it... Most of the people I know who use it don't pay anything.
Now there are additional features for paid users that I find valuable so I bought a lifetime pass for $75. Specifically the ability to offline sync shows and movies to my iPad for long flights.
Jul 4, 2015, 3:08 pm
#5
Join Date: Jun 2010
Posts: 220
Lifetime pass holder here. Honestly do not know what I would do without it. I use it all the time, from many different devices.
It does suck that they had an issue, but they handled it WAY better than LastPass did, and considering that security is way more a part of their wheelhouse than that of Plex, I think Plex definitely deserves some kudos for their transparency.
It does suck that they had an issue, but they handled it WAY better than LastPass did, and considering that security is way more a part of their wheelhouse than that of Plex, I think Plex definitely deserves some kudos for their transparency.