Jump to content

Welcome to ExtremeHW

Welcome to ExtremeHW, register to take part in our community, don't worry this is a simple FREE process that requires minimal information for you to signup.

 

Registered users can: 

  • Start new topics and reply to others.
  • Show off your PC using our Rig Creator feature.
  • Subscribe to topics and forums to get updates.
  • Get your own profile page to customize.
  • Send personal messages to other members.
  • Take advantage of site exclusive features.
  • Upgrade to Premium to unlock additional sites features.
IGNORED

Plex Data Breach


pio
1 Attachment

Recommended Posts

Quote

Plex users may want to change their passwords as soon as they're able. The digital media player and streaming service said a bad actor had infiltrated its system in a letter sent to users affected by the breach. In it, the company has revealed that it immediately started an investigation after it saw suspicious activity in one of its databases. Based on what it saw, Plex said it does appear that a third-party entity got access to a subset of its data, which includes people's emails, usernames and encrypted passwords. 

.......................


Plex said it has already addressed the method the bad actor used to infiltrate its system, but it didn't elaborate on what method that is or what vulnerability the hacker exploited if any. The company also vowed to do additional reviews to make sure its systems are "further hardened to prevent future incursions." For now, Plex is requiring all users to change their passwords "out of an abundance of caution" even if all the passwords the hacker got access to were hashed. It also assured all users in its letter that it doesn't store credit card numbers and other payment data in its servers, so the bad actor wasn't able to get access to them. 

WWW.ENGADGET.COM

A third-party entity was able to access users' emails, usernames and encrypted passwords..

 

Just grabbed the first link I could find, I actually found out about this due to an email I got at like 1:30am.  Just as a friendly heads up, it was a major pain to update everything.  If you're a plex user, check your email.  There should be a legit email from them explaining everything in halfway decent detail (well, as best they can).  Looks like the letter is also shared on a twitter link in the article too.

Edited by pioneerisloud
  • Thanks 1
  • Respect 1
Link to comment
Share on other sites

A bad actor...  I didn't know Nicholas Cage was a cyber security threat. 

 

 

Ok bye. 

null

Owned

 Share

CPU: 5800x
MOTHERBOARD: ASUS TUF Gaming B550-Plus
RAM: 32GB 3600mhz CL16
GPU: 7900XT
SOUNDCARD: Sound Blaster Z 5.1 home theater
MONITOR: 4K 65 inch TV
Full Rig Info
Link to comment
Share on other sites

1 hour ago, UltraMega said:

A bad actor...  I didn't know Nicholas Cage was a cyber security threat. 

 

 

Ok bye. 

Oh all of the puns we could make here......Nicholas Cage was more of a National Treasure threat though.  🤣  Will Smith, Alec Baldwin, Gene Hackman, ummmm that one buff dude that's always coked up because he doesn't want to die, maybe Denzel.  So many names we could pick on.  🙃

 

  • Thanks 2
Link to comment
Share on other sites

Yeah I got the email too, will change the password for sure. They say that the passwords stolen were encrypted...so that's something lol.

  • Thanks 1

£3000

Owned

 Share

CPU: AMD Ryzen 9 7950X3D
MOTHERBOARD: MSI Meg Ace X670E
RAM: Corsair Dominator Titanium 64GB (6000MT/s)
GPU: EVGA 3090 FTW Ultra Gaming
SSD/NVME: Corsair MP700 Pro SE Gen 5 4TB
PSU: EVGA Supernova T2 1600Watt
CASE: be quiet Dark Base Pro 900 Rev 2
FANS: Noctua NF-A14 industrialPPC x 6
Full Rig Info

Owned

 Share

CPU: Intel Core i5 8500
RAM: 16GB (2x8GB) Kingston 2666Mhz
SSD/NVME: 256GB Samsung NVMe
NETWORK: HP 561T 10Gbe (Intel X540 T2)
MOTHERBOARD: Proprietry
GPU: Intel UHD Graphics 630
PSU: 90Watt
CASE: HP EliteDesk 800 G4 SFF
Full Rig Info

£3000

Owned

 Share

CPU: 2 x Xeon|E5-2696-V4 (44C/88T)
RAM: 128GB|16 x 8GB - DDR4 2400MHz (2Rx8)
MOTHERBOARD: HP Z840|Intel C612 Chipset
GPU: Nvidia Quadro P2200
HDD: 4x 16TB Toshiba MG08ACA16TE Enterprise
SSD/NVME: Intel 512GB 670p NVMe (Main OS)
SSD/NVME 2: 2x WD RED 1TB NVMe (VM's)
SSD/NVME 3: 2x Seagate FireCuda 1TB SSD's (Apps)
Full Rig Info
Link to comment
Share on other sites

25 minutes ago, ENTERPRISE said:

Yeah I got the email too, will change the password for sure. They say that the passwords stolen were encrypted...so that's something lol.

Honestly I feel like they handled the whole thing pretty well considering.  The issue is already patched, emails sent out to everyone urging to change passwords simply as a precaution, and letting everyone know that no really bad information was actually leaked.  Can't get much better than that I suppose.

Link to comment
Share on other sites

9 hours ago, pioneerisloud said:

Honestly I feel like they handled the whole thing pretty well considering.  The issue is already patched, emails sent out to everyone urging to change passwords simply as a precaution, and letting everyone know that no really bad information was actually leaked.  Can't get much better than that I suppose.

Oh for sure, they handled it as I would expect from any company, not all companies get it right but as a long term user of Plex, I am glad to see they are on the ball. 

 

I also realized I have 2FA on my account, another reason why you should use 2FA wherever possible.

 

For anyone wondering, EHW has 2FA if you want to set it up 🙂

£3000

Owned

 Share

CPU: AMD Ryzen 9 7950X3D
MOTHERBOARD: MSI Meg Ace X670E
RAM: Corsair Dominator Titanium 64GB (6000MT/s)
GPU: EVGA 3090 FTW Ultra Gaming
SSD/NVME: Corsair MP700 Pro SE Gen 5 4TB
PSU: EVGA Supernova T2 1600Watt
CASE: be quiet Dark Base Pro 900 Rev 2
FANS: Noctua NF-A14 industrialPPC x 6
Full Rig Info

Owned

 Share

CPU: Intel Core i5 8500
RAM: 16GB (2x8GB) Kingston 2666Mhz
SSD/NVME: 256GB Samsung NVMe
NETWORK: HP 561T 10Gbe (Intel X540 T2)
MOTHERBOARD: Proprietry
GPU: Intel UHD Graphics 630
PSU: 90Watt
CASE: HP EliteDesk 800 G4 SFF
Full Rig Info

£3000

Owned

 Share

CPU: 2 x Xeon|E5-2696-V4 (44C/88T)
RAM: 128GB|16 x 8GB - DDR4 2400MHz (2Rx8)
MOTHERBOARD: HP Z840|Intel C612 Chipset
GPU: Nvidia Quadro P2200
HDD: 4x 16TB Toshiba MG08ACA16TE Enterprise
SSD/NVME: Intel 512GB 670p NVMe (Main OS)
SSD/NVME 2: 2x WD RED 1TB NVMe (VM's)
SSD/NVME 3: 2x Seagate FireCuda 1TB SSD's (Apps)
Full Rig Info
Link to comment
Share on other sites

Give them credit,been years since I've used my acct, and they still notified me. screenshot of actual letter if anyone wants to see how they let peeps know. 🙂 The included link to reset was nice because it let me click and then just go to "forgot password" since it's been literally years and different comps between uses. 

Screenshot_716.jpg

Edited by schuck6566
Link to comment
Share on other sites

4 hours ago, schuck6566 said:

Give them credit,been years since I've used my acct, and they still notified me. screenshot of actual letter if anyone wants to see how they let peeps know. 🙂 The included link to reset was nice because it let me click and then just go to "forgot password" since it's been literally years and different comps between uses. 

Screenshot_716.jpg

Yeah and they also included specific directions on how to do it on the website too, in case people thought the letter itself was sus. 🙂

  • Thanks 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×
×
  • Create New...

Important Information

This Website may place and access certain Cookies on your computer. ExtremeHW uses Cookies to improve your experience of using the Website and to improve our range of products and services. ExtremeHW has carefully chosen these Cookies and has taken steps to ensure that your privacy is protected and respected at all times. All Cookies used by this Website are used in accordance with current UK and EU Cookie Law. For more information please see our Privacy Policy