Streaming service Plex has confirmed a cybersecurity incident that exposed a limited set of user data. According to the company, an unauthorized third party gained access to a subset of customer information, including email addresses, usernames, and securely hashed passwords.
Plex emphasized that all passwords were properly encrypted, making them unreadable to outsiders, and clarified that no credit card or payment details are stored on its servers.
As a precautionary step, Plex has asked all users to reset their passwords via plex.tv/reset. The company recommends enabling the option to sign out of all devices after changing the password for enhanced security.
In addition, Plex encourages users to enable two-factor authentication and reminds customers that it will never request login credentials or payment details via email.
“We sincerely apologize for any inconvenience this incident may cause and want to assure our users that we are taking swift action to strengthen the security of our systems,” Plex stated.