Plex is one of our favorite media servers, and it’s certainly one of the most popular media streaming apps out there. This popularity is likely exactly what made it the target of a hacker who compromised the service’s user forums on Wednesday.
Plex confirmed the intrusion in a blog post yesterday. “The attacker was able to gain access to some personal information, such as IP addresses, forum private messages, email addresses, and encrypted (hashed and salted) passwords for our forum users,” the post reads.
As a security measure, Plex has reset the passwords of all forum accounts. Since Plex uses single sign-on (SSO), this means that any Plex.tv accounts linked with forum accounts have been reset as well.
Fortunately, no financial data was compromised. “We have no reason to believe that any other parts of our system were compromised, and we never store credit card or other payment data on our systems,” the post reads.
Just because no financial data was revealed in the hack doesn’t mean that the hacker isn’t looking for money. The hacker, who goes by the name of “savaka,” posted a message to the hacked forum claiming that users’ details would be released unless a ransom of 9.5 Bitcoin (roughly $2,400) was paid by today.
“This ransom is still active and on the 3rd: if no BTC payment is made, the ransom will go up by 5 BTC,” the message read. “Eventually if no BTC payment is made, the data will be released via multiple torrent networks and there will be no more Plex.tv.”
Plex has no intention of paying the ransom, so while the password reset should be enough to keep your Plex account safe, you will want to make sure that if you use the same login info for any other sites, you change your password on those sites as well.
The password reset is causing some problems for users of third-party apps. If you’re running into trouble after the password reset, Plex has the answers to some common questions in the blog post announcing the breach.