Plex tells users to change passwords after database breach

The logo of streaming service Plex. (Graphic: The Desk)

Streaming software maker Plex is telling customers to change their passwords after the company discovered a database breach earlier in the week.

In a notice sent to customers early Wednesday morning, Plex said it became aware of “suspicious activity” on one of its databases. An investigation eventually determined that an unknown third party had accessed a limited amount of customer data, including usernames, e-mail addresses and encrypted passwords. Other personal information, like credit card data, was not impacted by the breach.

Plex says it immediately plugged the security hole and is forcing all users to change the password to their Plex account when they use the service next.  The company says customers can further protect their Plex accounts by enabling two-factor authentication (2FA), which is an added layer of security.

Plex is best known for its server software that allows users to stream video files hosted on their computers or mobile devices to television sets and other capable hardware. In recent years, the company has sought to re-position itself as a streaming service; in 2020, Plex launched a free, ad-supported streamer that offers on-demand and linear content from a handful of third parties.

Thanks for reading and supporting The Desk. If you have a question, comment or news tip, send a message by email or text, or connect on Facebook, Twitter or LinkedIn.