Everything we know about the Plex data breach so far
No credit card information or passwords were compromised in the Plex data breach
The Plex streaming platform had told customers to reset their passwords following a data breach.
In an advisory, the company said users should also sign out of any connected devices that are currently logged in and enable two-factor authentication if they haven’t already.
"An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included device type, emails, user names and authentication data," it said.
"We’ve already addressed the method that this third party used to gain access to the system, and we’re undergoing additional reviews to ensure that the security of all of our systems is further strengthened to prevent future attacks."
Plex also said that any account passwords accessed were securely-hashed, and couldn't be read by a third party. It added that credit card data wasn't stored on its servers and was therefore secure.
Who is responsible for the Plex data breach?
No group has claimed responsibility for the attack thus far. While it's not known how many people may have been affected, the company has around 25 million users around the world.
Kev Breen, senior director of cyber threat intelligence at Immersive, said this makes Plex – and other streaming services – an attractive target.
“The infrastructure of streaming platforms often includes cloud storage, content delivery networks, APIs, and user-facing apps. This complex infrastructure creates multiple entry points for attackers to exploit," Breen commented.
"As well as personally identifiable information, streaming platforms also store data on user preferences, meaning attackers can develop more targeted social engineering campaigns. Such data is likely to be leveraged by cyber criminals to extort money from Plex, as well as for identity theft and phishing campaigns.
Plex has previous
This isn't the first time that Plex has experienced a data breach. Back in 2015, threat actors gained access to the company's forum and blog server, exposing IP addresses, private messages, emails, and encrypted forum passwords.
Similarly, in 2022 the company warned customers of a breach after a database containing account information such as usernames and passwords was compromised.
Its message to users was uncannily similar to those being received by customers today. On that occasion, though, the company's servers struggled to cope with the large volume of password reset requests being made.
Breen warned that it's not just home users that need to take the warning seriously.
"Plex is unlikely to be used in an enterprise setting; however, people often re-use passwords or follow patterns when creating them. This means that a user affected at home could also have an impact on organizations," he said.
"Business leaders must be able to demonstrate cyber capabilities across their workforce through regular exercises, and improve them through targeted skills development.”
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
What is Microsoft Maia?Explainer Microsoft's in-house chip is planned to a core aspect of Microsoft Copilot and future Azure AI offerings
-
If Satya Nadella wants us to take AI seriously, let’s forget about mass adoption and start with a return on investment for those already using itOpinion If Satya Nadella wants us to take AI seriously, let's start with ROI for businesses
-
90% of companies are woefully unprepared for quantum security threats – analysts say they need to get a move onNews Quantum security threats are coming, but a Bain & Company survey shows systems aren't yet in place to prevent widespread chaos
-
LastPass issues alert as customers targeted in new phishing campaignNews LastPass has urged customers to be on the alert for phishing emails amidst an ongoing scam campaign that encourages users to backup vaults.
-
NCSC names and shames pro-Russia hacktivist group amid escalating DDoS attacks on UK public servicesNews Russia-linked hacktivists are increasingly trying to cause chaos for UK organizations
-
An AWS CodeBuild vulnerability could’ve caused supply chain chaos – luckily a fix was applied before disaster struckNews A single misconfiguration could have allowed attackers to inject malicious code to launch a platform-wide compromise
-
There’s a dangerous new ransomware variant on the block – and cyber experts warn it’s flying under the radarNews The new DeadLock ransomware family is taking off in the wild, researchers warn
-
Supply chain and AI security in the spotlight for cyber leaders in 2026News Organizations are sharpening their focus on supply chain security and shoring up AI systems
-
Veeam patches Backup & Replication vulnerabilities, urges users to updateNews The vulnerabilities affect Veeam Backup & Replication 13.0.1.180 and all earlier version 13 builds – but not previous versions.
-
NHS supplier DXS International confirms cyber attack – here’s what we know so farNews The NHS supplier says front-line clinical services are unaffected
