“Yesterday, we discovered suspicious activity on one of our databases. We immediately began an investigation and it does appear that a third-party was able to access a limited subset of data that includes emails, usernames, and encrypted passwords.” Plex stopped short of confirming if any personal information or private media libraries were compromised, but assured users that “all account passwords that could have been accessed were hashed and secured in accordance with best practices.”

The Plex website and service has been overloaded since the breach notification went out, so changing your password might take some time to complete, but it is imperative that it is done immediately to avoid any abuse of your account and personal content. While the cause of the breach has already been identified, and immediate action taken to rectify the security flaw, it is very likely that your credentials might have already been leaked. Aside from changing your password, Plex also recommends enabling 2 factor authentication (2FA) on your account to ensure that your credentials are not abused in any way. While we are never too far away from the next security incident that leads to a data breach, there are many ways to minimize collateral damage from it. Whenever possible, use a password manager and never reuse the same password on multiple services. Setting up a 2FA device authentication also provides you with another layer of protection in the event your password is compromised.

Plex Suffers Possible Data Breach  Users Advised to Change Passwords - 70