- Plex has undergone data violation exposing emails, user names and chopped passwords
- Users are invited to modify passwords and activate two -factor authentication
- A separate vulnerability in Plex Media Server was corrected in August
The popular multimedia server and the streaming platform, Plex, warned its users to lose their sensitive data in a cyber attack, and urged them to update their passwords accordingly.
In a forum post published on September 8, Plex said that it had recently experienced a security incident with a “limited impact”, when an unauthorized third party has accessed an subset of customer data.
“Although we quickly satisfied the incident, accessible information included emails, user names, safely chopped passwords and authentication data,” said the message. The credit card or other payment data have not been accessible because they were not even stored on the company’s servers.
The chopped passwords are illegible
Passwords have been minced “in accordance with best practices,” said Plex, explaining that hackers cannot read them. However, to be sure, the company recommends that users disconnect from all sessions and modify all passwords. He also underlines that he will never contact by e-mail to request a password or a credit card number, suggesting that the disbelievers could start sending phishing attacks to the email accounts they obtained during the attack.
“For additional account protection, we also recommend activating two factors on your Plex account if you have not already done so.”
As a multimedia server and streaming platform, Plex allows users to collect, organize and broadcast personal media such as films, television, music, photos, etc. On almost all devices. It is very popular, some sources saying that it has more than 25 million active users.
In mid-August this year, Plex declared that he had corrected a mysterious vulnerability affecting his product plex media server and told users not to delay the application of the correction. The company has received a report via its BOUNTY program on a potential security problem affecting the versions of PLEX media server 1.41.7.X at 1.42.0.X and shortly after, it appeared with a fix.
Via Bleeping Compompute
