Tuesday, October 4, 2022
Home TECH Plex imposes password reset after hackers steal data for >15 million users

Plex imposes password reset after hackers steal data for >15 million users

15 million users”/>

fake images

Streaming media platform Plex said Wednesday it was hacked by hackers who gained access to a proprietary database and stole passwords, usernames and emails belonging to at least half of its 30 million customers.

“Yesterday, we discovered suspicious activity in one of our databases,” company officials wrote in an email sent to customers. “We immediately started an investigation and it appears that a third party was able to access a limited subset of data including emails, usernames and encrypted passwords.”.

The email said that the passwords were “decrypted and protected according to best practices”, meaning that the passwords were cryptographically encrypted in a way that requires attackers to spend additional resources to crack the hashes and revert them back to their plaintext state. A Plex spokesperson said the passwords were encrypted using bcrypt, one of the strongest algorithms for protecting passwords. bcrypt automatically applies what is known as cryptographic salt and pepper to make cracking more difficult.

However, the company requires all customers to reset their passwords. Step by step instructions are here. As a precautionary measure, the company recommends signing out of all connected devices after the password change and then signing back in.

The email also said that no payment card details were stored in the accessed database and are therefore not affected by the breach.

Several people reported having trouble logging into their accounts on Wednesday morning. Troy Hunt, security researcher aware a screenshot of the errors you received when trying to log in to your account.

Two Ars employees said they, too, initially had trouble accessing their accounts, but eventually did. A third person connected to Ars reported that he reset his password and received an email from Plex immediately after telling him to reset his password one more time. The email sent him in a loop when he couldn’t log in with the new password.

Plex is a major provider of streaming media services that allow users to stream movies and audio, play games, and access their own content hosted on home or local media servers. The Plex spokesperson said that the company has more than 30 million registered users and that most of them were affected by the breach.

Wednesday’s notice said company officials have already discovered the means the intruders used to gain access to the database and fixed it. Engineers continue to perform additional checks to prevent similar violations from happening again.


RELATED ARTICLES

19 Android Settings You Might Not Know About

if you are a typical smartphone user, you average almost five hours a day on your phone now. But beyond video and social...

‘Quordle’ Today: See Every ‘Quordle’ Answer & Suggestion For October 3rd

Welcome back to the work week. I'm sorry, but today's. Quordles it won't help you get back into a routine easily, because it's...

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular

Progressive See extremism only elsewhere

The 9/11 elections in Sweden shocked intellectuals across the West. The Sweden Democrats, a nationalist-populist party founded in 1988 with neo-Nazi loyalties but...

Dr. Oz Closes in on Fetterman in Pennsylvania Senate Race: POLL

Republican candidate Dr. Mehmet Oz is narrowing the Democratic lieutenant's lead in the polls. government John Fetterman in the Pennsylvania Senate race, according...

In a new book, Nikki Haley criticizes the ‘hypocrisy’ of modern feminism

"Women fought for so long to have the freedom to make their own decisions," but now, every thought in their lives is "boxed in...