The Plex streaming platform had told customers to reset their passwords following a data breach.
In an advisory, the company said users should also sign out of any connected devices that are currently logged in and enable two-factor authentication if they haven’t already.
"An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included device type, emails, user names and authentication data," it said.
"We’ve already addressed the method that this third party used to gain access to the system, and we’re undergoing additional reviews to ensure that the security of all of our systems is further strengthened to prevent future attacks."
Plex also said that any account passwords accessed were securely-hashed, and couldn't be read by a third party. It added that credit card data wasn't stored on its servers and was therefore secure.
Who is responsible for the Plex data breach?
No group has claimed responsibility for the attack thus far. While it's not known how many people may have been affected, the company has around 25 million users around the world.
Kev Breen, senior director of cyber threat intelligence at Immersive, said this makes Plex – and other streaming services – an attractive target.
“The infrastructure of streaming platforms often includes cloud storage, content delivery networks, APIs, and user-facing apps. This complex infrastructure creates multiple entry points for attackers to exploit," Breen commented.
"As well as personally identifiable information, streaming platforms also store data on user preferences, meaning attackers can develop more targeted social engineering campaigns. Such data is likely to be leveraged by cyber criminals to extort money from Plex, as well as for identity theft and phishing campaigns.
Plex has previous
This isn't the first time that Plex has experienced a data breach. Back in 2015, threat actors gained access to the company's forum and blog server, exposing IP addresses, private messages, emails, and encrypted forum passwords.
Similarly, in 2022 the company warned customers of a breach after a database containing account information such as usernames and passwords was compromised.
Its message to users was uncannily similar to those being received by customers today. On that occasion, though, the company's servers struggled to cope with the large volume of password reset requests being made.
Breen warned that it's not just home users that need to take the warning seriously.
"Plex is unlikely to be used in an enterprise setting; however, people often re-use passwords or follow patterns when creating them. This means that a user affected at home could also have an impact on organizations," he said.
"Business leaders must be able to demonstrate cyber capabilities across their workforce through regular exercises, and improve them through targeted skills development.”
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
Mainframes are back in vogue as enterprises ramp up hybrid IT strategies, AI adoptionNews Mainframes are back in vogue, according to research from Kyndryl, with enterprises ramping up hybrid IT strategies and generative AI adoption.
-
The unseen risks of cloud storage for businessesIn-depth Sensitive data is being held in publicly-accessible cloud storage, despite the obvious risks – what can firms do about it?
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countriesNews The Salt Typhoon hacker group has waged several major campaigns against US telecoms companies and critical infrastructure operators – now it's ramping up attacks globally.
-
Salesloft Drift hackers had access to company GitHub account for months before attacksNews Hackers behind the Salesloft Drift breach had access to the company’s GitHub account for several months before waging a flurry of attacks, the company has revealed.
-
Gen Z has a cyber hygiene problemNews A new survey shows Gen Z is far less concerned about cybersecurity than older generations
-
Cybersecurity experts issue urgent warning amid surge in Stealerium malware attacksNews Proofpoint said Stealerium has flown under the radar for some time now, but researchers have observed a huge spike in activity between May and August this year.
-
Hackers are using AI to dissect threat intelligence reports and ‘vibe code’ malwareNews TrendMicro has called for caution on how much detail is disclosed in security advisories
-
Security experts call for better 'offboarding' practices amid spate of insider attacks by outgoing staffNews Enterprises should act swiftly to revoke rights and access, regardless of the manner of an employee’s departure.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
