The Plex streaming platform had told customers to reset their passwords following a data breach.
In an advisory, the company said users should also sign out of any connected devices that are currently logged in and enable two-factor authentication if they haven’t already.
"An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included device type, emails, user names and authentication data," it said.
"We’ve already addressed the method that this third party used to gain access to the system, and we’re undergoing additional reviews to ensure that the security of all of our systems is further strengthened to prevent future attacks."
Plex also said that any account passwords accessed were securely-hashed, and couldn't be read by a third party. It added that credit card data wasn't stored on its servers and was therefore secure.
Who is responsible for the Plex data breach?
No group has claimed responsibility for the attack thus far. While it's not known how many people may have been affected, the company has around 25 million users around the world.
Kev Breen, senior director of cyber threat intelligence at Immersive, said this makes Plex – and other streaming services – an attractive target.
“The infrastructure of streaming platforms often includes cloud storage, content delivery networks, APIs, and user-facing apps. This complex infrastructure creates multiple entry points for attackers to exploit," Breen commented.
"As well as personally identifiable information, streaming platforms also store data on user preferences, meaning attackers can develop more targeted social engineering campaigns. Such data is likely to be leveraged by cyber criminals to extort money from Plex, as well as for identity theft and phishing campaigns.
Plex has previous
This isn't the first time that Plex has experienced a data breach. Back in 2015, threat actors gained access to the company's forum and blog server, exposing IP addresses, private messages, emails, and encrypted forum passwords.
Similarly, in 2022 the company warned customers of a breach after a database containing account information such as usernames and passwords was compromised.
Its message to users was uncannily similar to those being received by customers today. On that occasion, though, the company's servers struggled to cope with the large volume of password reset requests being made.
Breen warned that it's not just home users that need to take the warning seriously.
"Plex is unlikely to be used in an enterprise setting; however, people often re-use passwords or follow patterns when creating them. This means that a user affected at home could also have an impact on organizations," he said.
"Business leaders must be able to demonstrate cyber capabilities across their workforce through regular exercises, and improve them through targeted skills development.”
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
IBM’s Confluent acquisition will supercharge its AI credentialsAnalysis IBM described Confluent as a “natural fit” for its hybrid cloud and AI strategy, enabling “end-to-end integration of applications, analytics, data systems and AI agents”.
-
AWS' no-nonsense reputation could pay dividends with agentic AIOpinion While AWS has jumped on the agentic AI hype train, its reputation as a no-nonsense, reliable cloud provider will pay dividends
-
NCSC issues urgent warning over growing AI prompt injection risks – here’s what you need to knowNews Many organizations see prompt injection as just another version of SQL injection - but this is a mistake
-
Chinese hackers are using ‘stealthy and resilient’ Brickstorm malware to target VMware servers and hide in networks for months at a timeNews Organizations, particularly in the critical infrastructure, government services, and facilities and IT sectors, need to be wary of Brickstorm
-
AWS CISO Amy Herzog thinks AI agents will be a ‘boon’ for cyber professionals — and teams at Amazon are already seeing huge gainsNews AWS CISO Amy Herzog thinks AI agents will be a ‘boon’ for cyber professionals, and the company has already unlocked significant benefits from the technology internally.
-
The Scattered Lapsus$ Hunters group is targeting Zendesk customers – here’s what you need to knowNews The group appears to be infecting support and help-desk personnel with remote access trojans and other forms of malware
-
Impact of Asahi cyber attack laid bare as company confirms 1.5 million customers exposedNews No ransom has been paid, said president and group CEO Atsushi Katsuki, and the company is restoring its systems
-
If you're not taking insider threats seriously, then the CrowdStrike incident should be a big wake up callNews CrowdStrike has admitted an insider took screenshots of systems and shared them with hackers, and experts say it should serve as a wake up call for enterprises globally.
-
Shai-Hulud malware is back with a vengeance and has hit more than 19,000 GitHub repositories so far — here's what developers need to knowNews The malware has compromised more than 700 widely-used npm packages, and is spreading fast
-
Security experts claim the CVE Program isn’t up to scratch anymore — inaccurate scores and lengthy delays mean the system needs updatedNews CVE data is vital in combating emerging threats, yet inaccurate ratings and lengthy wait times are placing enterprises at risk
