Plex has delivered an emergency communique notifying users of “suspicious activity on one of our databases.”
The streaming and media server provider, familiar to almost every home NAS user, states that a hacker was able to access a “limited subset of data” containing emails, usernames and passwords.
Though passwords are said to have been “hashed and secured in accordance with best practices,” each and every Plex account is being advised to reset their password at the nearest opportunity.
“Rest assured that credit card and other payment data are not stored on our servers at all and were not vulnerable in this incident,” said the company in a statement.
A step-by-step guide on how to change your password is available here, and Plex also suggests taking the time to sign out of all connected devices – there’s a checkbox to do so automatically when setting a new password – as well enabling two-factor authentication.
At the very least, recurring breaches such as this serve as a stark reminder to take extra care with regards to online security. Don’t get in the habit of using the same password for multiple services, and consider employing the password generator/manager built-in to almost every major web browser.