I think this is the second time Plex has been "hacked" in the 10 years or so I've been using it. I use a unique random username/password for every login so I'm not so worried about this one. If it were my bank or broker I'd be worried. . Like any hack, I'd be interested to learn more about what happened, but sadly much of that never sees the light of day.

I think any company that is larger than x amount of users or y amount of revenue should: A) be subject to some level of cybersecurity disclosures and/or audits, and B) should have to disclose details of a compromise (after it's been patched), and perhaps: C) be financially penalized for loss of user information in their care (whether it's used nefariously or not).