If you make use of the popular personal media server Plex on your Xbox, PlayStation, smart TV, or just about any other device, youâre going to want to update your password.
Last night Plex sent out emails notifying many of its customers that a serious security breach may have resulted in account information getting into the wrong hands. Plex stated that âall account passwords that could have been accessed were hashed and secured in accordance with best practices.â Which, while comforting, still should be followed by you adhering to best practices, which means signing out of all current instances and changing your passwords.
Kotaku has reached out to Plex for comment.
Plex specifically noted that âsuspicious activity on one of [the companyâs] databasesâ may have given a third party access to âemails, usernames, and encrypted passwords.â As The Verge notes, personal account information such as the contents of media libraries is likely safe. Plex claims that itâs âaddressed the method that this third party employed to gain access to the systemâ and that itâs reviewing the security of all of its systems moving forward to prevent future incidents.
If youâre already a Plex user, then hopefully youâve received said email and already changed your password by the time youâre reading this, allowing you to resume enjoying your very awesome and very legal library of media worry-free. While Plex servers typically run on PCs, Plex client apps are available on the Xbox and PlayStation store, as well as a litany of smart devices, which makes it a very convenient way to stream your media to any device, from almost anywhere.
It may be the case that some users havenât received this super-important email. I would be one of those. Trips across Reddit reveal that some others may be in the dark as well, so if you have friends who enjoy Plex, politely nudge them to do the smart thing and get those passwords changed.
Also, as The Verge suggests in their reporting on the incident, we shall echo that you definitely ought to use a password manager if you arenât already doing so and, I know itâs a pain, but two-factor authentication can go a long way toward preventing worst-case scenarios after scares like this.
