Important Notice of Security Incident
forums.plex.tv
We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure. What happened An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication ...

We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure.

  • papertowels@mander.xyzEnglish
    91·
    1 day ago

    No security guy, but if the passwords were just hashed and not salted it’s not ideal. Better than plaintext for sure though.

    EDIT: Plex employee confirmed they do salt (and pepper, which I’m less familiar with), the last time they were hacked and had passwords exposed, fwiw.

    • Die4Ever@retrolemmy.comEnglish
      7·
      1 day ago

      If they were hashed then they were likely salted too, not much reason to not do both. Especially since they said “in accordance with best practices”, otherwise they’re just lying lol. They probably just didn’t want to make the announcement too technical.

    • FreedomAdvocate@lemmy.net.auEnglish
      5·
      1 day ago

      in accordance with best practices

      They absolutely would have been salted, as that is best practice. Just not something the average Plex user understands most likely.