Plex Forums Hacked, Ransom Demanded For Stolen Login Credentials

The developers behind the uber-popular Plex media center software have revealed that their databases have been breached, and of course, that means just one thing: you might have a password or two to change.

In an email sent to affected users, Plex developers note that only its forum and blog were compromised, and that no financial information is at risk, as that's located on external servers. That doesn't mean that this should be taken too lightly, though, as those who managed to break into the server got away with IP addresses, email addresses, encrypted (hashed + salted) passwords, and perhaps of even more importance, unencrypted private messages.


While it's always very unlikely that a properly encrypted password will lead to any shenanigans, it's just not worth the risk to ignore the need to update the password. This is especially true if you happen to use the same password across multiple services.

If you don't receive an email from Plex (be sure to check the spam folder!), you're probably fine. But, in the event it's a fluke, if you've ever associated an account with Plex, you may want to investigate and make sure you're safe. Though at the current time, Plex's forum servers appear to be down, so that investigation may have to wait.