What you need to know
- Plex alerted customers on August 24, 2022, to a potential data breach.
- This security alert noted a database containing passwords, emails, and usernames may have been affected.
- While only a small subset of data (including encrypted passwords) may have been affected, Plex is requesting all customers change passwords.
Plex is one of the largest streaming services around, particularly for running your own media server on a NAS enclosure. The company announced a potential security breach, involving one of its databases. Details were disclosed to customers, making them aware of an incident, as well as steps on how to reset their passwords and keep their accounts secured.
Suspicious activity was detected on one of the Plex databases. It’s believed only a limited subset of data was affected including emails, usernames, and encrypted passwords. Although Plex encrypts stored passwords, the company is requiring all customers change their passwords regardless. It was noted that no payment data is stored on Plex servers.
The method which provided access to this third party has already been addressed. Additional reviews and investigations are underway to ensure the security of all Plex systems has not been compromised. When changing the password of your Plex account, the company urges customers to check the option to sign out of all devices to prevent any potential account breaches.
As is the case with any account and service, we highly recommend the use of a password manager and two-factor authentication. Data breaches can happen, even to companies employing the best practices. It’s positive to see Plex take a proactive stance on this breach, alerting customers and requiring them to change passwords.
If you have yet to try out Plex Media Server on your best NAS, it’s a fantastic tool for cataloging all your media, be it movies, TV shows, music, and more. Stored on a central server, you can then stream all this content to a device of your choosing.