The Plex data breach reminds us of how important cybersecurity is

Baku, September 9, AZERTAC

On August 24, 2022, media streaming platform Plex announced that they’d encountered a data breach involving encrypted user passwords and personal data, including emails and usernames. Following the breach, the company requested that users change their passwords as soon as possible.

In a statement to the media, Plex’s vice president of engineering Schuyler Ullman mentioned that all user passwords are hashed using a bcrypt algorithm and other cryptography concepts.

In the email, Plex informed users that the hackers compromised a subset of data. Fortunately, the company stated that it stores credit card details and payment information on separate servers, so they were not involved in the attack.

As one of the largest media streaming apps worldwide, Plex has over 30 million users. This also isn’t the first time a cybersecurity fault has catapulted Plex into the spotlight. In early 2021, the platform found that security flaws in its systems enabled multiple distributed denial of service (DDoS)-for-hire services to carry out DDoS attacks. While the company quickly solved the issue with a software patch, the latest episode is a stark reminder of how vital a robust cybersecurity plan is and how easy it is to exploit common passwords used by customers.

While Plex’s quick response to the issue is commendable, there’s plenty that consumers and streaming service providers need to do to ensure such breaches never occur again. If you have a Plex account, follow the company’s instructions  and consider enabling two-factor authentication. While you’re at it, you might also want to sign up for a password manager that helps manage and generate unique passwords.

These days, many free and paid password managers are available for users across various devices. Google Chrome, Microsoft Edge, and Apple’s Safari browsers all have a built-in password manager functionality which is pretty safe. If you’re looking for something more robust, you might want to consider subscription services like 1Password or LastPass that can be accessed across multiple devices like your smartphone.