Plex Asks Users to Reset Passwords Following Data Breach - MacRumors
Skip to Content

Plex Asks Users to Reset Passwords Following Data Breach

Popular media platform Plex has asked users to change their passwords "out of an abundance of caution" after it found a third-party had gained access to one of its internal systems.

plex
In a message to all users, Plex said that after discovering "suspicious activity" on one of its databases on Tuesday, the company ascertained that a hacker had been able to access "a limited subset of data" including emails, usernames, and passwords. From the email:

Yesterday, we discovered suspicious activity on one of our databases. We immediately began an investigation and it does appear that a third-party was able to access a limited subset of data that includes emails, usernames, and encrypted passwords. Even though all account passwords that could have been accessed were hashed and secured in accordance with best practices, out of an abundance of caution we are requiring all Plex account to have their password reset. Rest assured that credit card and other payment data are not stored on our servers at all and were not vulnerable to this incident.

Plex is asking users to tick the checkbox "Sign out connected devices after password change," when resetting their account password. This will sign out all devices, including Plex Media Servers, and require users to sign back in with their new password. Plex also recommends enabling two-factor authentication on their Plex account if they haven't already.


Plex says it has already addressed the method that the hacker used to gain access to the database, and it is conducting additional reviews to ensure the security of its systems and prevent a similar incident occurring.

Tag: Plex

Popular Stories

Apple 2026 Back to School Graphic

Apple's 2026 Back to School Offer Just Went Live in Select Countries

Wednesday July 15, 2026 11:48 am PDT by
Apple's annual Back to School promotion is now live in select countries in Asia, including China, India, Malaysia, the Philippines, Singapore, Taiwan, Thailand, and Vietnam. The offer provides college students and educational staff with a free item with the purchase of an eligible Mac or iPad model. The exact offer varies by country, with options including a pack of four AirTags, AirPods 4,...
iphone 17 cyber

Apple Closes Unlocked iPhone Loophole for T-Mobile and Verizon Financing

Wednesday July 15, 2026 3:20 pm PDT by
Carrier-financed iPhones purchased from Apple will soon be locked to the carrier, ending a workaround customers used to purchase an unlocked iPhone on a payment plan. Until the rule change, buying an iPhone from Apple and opting for financing through Verizon or T-Mobile meant you would get an iPhone not locked to either carrier's network. That's no longer the case, and now iPhones financed...
ipad mini 7 feature red and blue

New iPad Mini With Four Upgrades Reportedly Launching by October

Thursday July 16, 2026 7:16 am PDT by
Apple is planning to release a new iPad mini model with an OLED display by October this year, according to Bloomberg's Mark Gurman. Apple already updated the iPad Pro with an OLED display in May 2024, but the iPad mini, iPad Air, and entry-level iPad are all still equipped with LCD screens. The move to OLED technology would result in the next iPad mini offering improved image quality, thanks ...

Top Rated Comments

51 months ago

Are they really storing passwords? That is the highest level of incompetence. They should store the salted hash, like everyone else.
Are you really not reading the article? That is the highest level of incompetence. You should read the article, like everyone else.
Score: 22 Votes (Like | Disagree)
adrianlondon Avatar
51 months ago
I like to waste hackers' time by using the same password for everything, so on each hack they never get anything new.
Score: 18 Votes (Like | Disagree)
DFP1989 Avatar
51 months ago

Are they really storing passwords? That is the highest level of incompetence. They should store the salted hash, like everyone else.
No, they are a salted hash.
Score: 10 Votes (Like | Disagree)
chriscl Avatar
51 months ago

Likewise. Don't know if they're just getting slammed by people trying to reset their passwords or if there's another issue at play.
They are getting slammed by people trying to reset their passwords and than log back in again.

I managed to reset mine first thing this morning (I am in Germany, so CET) but I suspect as more users in Europe - and the US - get these emails, that the response time will get slower (if the sites load at all).

They also had some issues with the pw-reset link generating a message „The Token is Invalid. Please request a new one“, but if you actually did the pw change, the site accepted it (which is what happened with mine, and I was then able to log in with the new credentials).

Also, if you have not already done so, please enable 2FA. It really is worth it for the added security.
Score: 6 Votes (Like | Disagree)
contacos Avatar
51 months ago
Weird. Didn’t receive and email.
Score: 6 Votes (Like | Disagree)
51 months ago

I'm still unable to create a new password when provided the link to do so. I keep getting a "The token is invalid, please request a new one" error, and it's not saving or updating to the new password I'm trying to create. BOOO.
I think their systems will be a bit overwhelmed today. I am in the process of re-linking all my AppleTV boxes and the plex.tv/link site is a bit unstable also. Just need patience... :)
Score: 4 Votes (Like | Disagree)