Streaming service Plex recently alerted its users to a security incident in which an unauthorized party accessed a limited portion of user data. The compromised information included email addresses, usernames, and securely hashed passwords. Plex assures users that no credit card or payment information was affected.
What You Should Do
Even though the passwords were hashed and not directly readable, Plex strongly recommends that all users reset their passwords immediately. Enabling two-factor authentication (2FA) is also advised to add an extra layer of security to your account.
How to Reset Your Password
- Open a private or incognito browser window.
- Visit the Plex password reset page.
- Enter the email address associated with your account and confirm.
- Follow the link in the email to create a new, strong password.
- Optionally, select “Sign out of all connected devices” to ensure your account is fully secured.
How to Enable Two-Factor Authentication
- Log in to your Plex account.
- Go to your account settings.
- Select “Two-Factor Authentication” and click “Enable.”
- Follow the instructions to set up an authentication app such as Google Authenticator or Authy.
Stay Alert for Phishing
With usernames and email addresses exposed, phishing attempts may increase. Plex will never ask for passwords or payment details via email. Be cautious and do not share sensitive information through unsecured channels.
Why This Matters
While Plex acted quickly to contain the breach, the responsibility now also lies with users to protect their accounts. Resetting your password and enabling 2FA are simple but crucial steps to keep your Plex account safe.
For further guidance, Plex provides detailed instructions and support through its official channels.
