If you use Plex, stop reading and go change your password right now as there’s been another data breach at the popular streaming service. According to reporting from The Verge, the company sent users an email with the subject line “Action required: Notice of a potential security incident” that provided details on how their database had been accessed by an unauthorized third party which resulted in usernames, emails and hashed passwords being exposed for some customers.
Since hashed passwords are difficult to decrypt, they’re considered to be more secure. However, best practices still recommend that they are changed after a breach. Likewise, Plex also recommends that users enable two-factor authentication and sign out of any connected devices that they might be logged into.
In the email, Plex assured users that no credit card or payment information was exposed because that data is not stored on the company's servers. The company also states that it has addressed the method that was used to gain access to the database and are “undergoing additional reviews to ensure that the security of all our systems is further hardened” in order to prevent against any future hacks.
This latest breach is similar to one that occurred back in 2022, when authentication data and encrypted passwords were exposed for a reported 30 million users.
How to stay safe after a data breach
Anyone who has been involved in a data breach previously should definitely consider investing in one of the best identity theft protection services. However, doing so before falling victim to a data breach is ideal to take full advantage of things like identity theft insurance, though many companies will provide free access to one of these services after a major breach.
Plex users are going to want to be on high alert for phishing attempts – specifically look out for any emails that sound urgent and want you to “act now” to fix an issue, to provide additional personal or financial details, or need you to correct an account issue. Also, never click on anything in an email or text message if you are not expecting it, even if it appears to be legitimate. Instead, go directly to the source and log in to check your accounts independently.
From there, you want to make sure you're protected from online scams and hacks by using one of the best antivirus programs on your devices, and when you're online, use protections like a VPN or a hardened browser, which can protect you and your devices from malware and other online threats.
It's also important to stay vigilant against social engineering attacks and to monitor your accounts for suspicious activity. The best way to stay safe against phishing is to avoid clicking on any links, QR codes or attachments in emails or messages from unknown senders.
Given that only hashed passwords were exposed, this latest Plex data breach could have been much worse. Still, if you're a Plex user, you should change your password immediately just to be safe.
Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button.
