{“lastseen”:”2025-09-10T10:06:56″,”description”:”Media streaming platform Plex has warned customers about a data breach, advising them to reset their password.\\n\\nPlex said an attacker broke into one of its databases, allowing them to access a \\”limited subset\\” of customer data. This included email addresses, usernames, hashed passwords, and authentication data.\\n\\n\\u003e \u201cAny account passwords that may have been accessed were securely hashed, in accordance with best practices, meaning they cannot be read by a third party. Out of an abundance of caution, we recommend you take some additional steps to secure your account\u2026 Rest assured that we do not store credit card data on our servers, so this information was not compromised in this incident.\u201d\\n\\nHashing is a way to protect users’ passwords by transforming them into a scrambled and unreadable format before storing them. Think of it like turning a password into a unique \\”fingerprint\\” made of random letters and numbers that doesn’t resemble the original password. This scrambled form is called a hash, and it is created using a special mathematical process called a hash function.\\n\\nThe main point about hashing is that it is a one-way process: once a password is hashed, it cannot be reversed or decrypted back into the original password. When you log in, the system hashes the password you enter and compares that to the stored hash. If they match, you get access. This means companies never store your real, plain text password, which helps keep your credentials safe even if their database is hacked.\\n\\nThe downside is that some systems are vulnerable to pass-the-hash attacks where an attacker can sign in by only knowing the hash. But those are mainly a concern in Windows network environments.\\n\\nIn the case of the Plex breach, pass-the-hash attacks are less of a worry for regular users. Plex uses hashed passwords mainly for user login access to its streaming platform, not for network-level authentication. Plex doesn\u2019t directly enable attackers to authenticate anywhere else without cracking those hashes first.\\n\\nHowever, as a precaution, Plex users should still follow the instructions from the company, below.\\n\\n## What Plex asks users to do\\n\\n**If you normally log in using a password** : Reset your Plex account password immediately by visiting https:\/\/plex.tv\/reset. During the reset process you\u2019ll see a checkbox to \u201cSign out connected devices after password change,\u201d which the company recommends you enable. This will sign you out of all your devices (including any Plex Media Server you own). After the reset you\u2019ll need to sign back in with your new password. \\n\\n**If you normally log in using Single Sign-On** : Log out of all active sessions by visiting http:\/\/plex.tv\/security and clicking the button that says \u201dSign out of all devices\u201d. This will sign you out of all your devices (including any Plex Media Server you own) for your security, and you will then need to sign back in as normal.\\n\\nFor further account protection, we also recommend enabling two-factor authentication 2FA on your Plex account if you haven\u2019t already done so.\\n\\nLook out for any phishing attempts that may try to prey on this incident. Plex has said that no one at Plex will ever reach out to you over email to ask for a password or credit card number for payments.\\n\\n## Check your digital footprint\\n\\nMalwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it\u2019s best to give the one you most frequently use) to our free Digital Footprint scan and we\u2019ll give you a report and recommendations.\\n\\nSCAN NOW\\n\\n* * *\\n\\n**We don ‘t just report on threats – we help safeguard your entire digital identity**\\n\\nCybersecurity risks should never spread beyond a headline. Protect your\u2014and your family’s\u2014personal information by using identity protection.”,”published”:”2025-09-10T09:47:06″,”modified”:”2025-09-10T09:47:06″,”type”:”malwarebytes”,”title”:”Plex users: Reset your password!”,”source”:””,”references”:””,”id”:”MALWAREBYTES:2F8E119C8EC0E0CE8A2C4EE4AAE70198″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2025\/09\/plex-users-reset-your-password”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-09-10T10:06:56″,”description”:”Media streaming platform Plex has warned customers about a data breach, advising them to reset their password.\\n\\nPlex said an attacker broke into one of its…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-16914","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n