Plex resets users’ passwords after forum hack, attacker demanding ransom in Bitcoin

exploit
Plex is one of our favorite media servers, and it’s certainly one of the most popular media streaming apps out there. This popularity is likely exactly what made it the target of a hacker who compromised the service’s user forums on Wednesday.

Plex confirmed the intrusion in a blog post yesterday. “The attacker was able to gain access to some personal information, such as IP addresses, forum private messages, email addresses, and encrypted (hashed and salted) passwords for our forum users,” the post reads.

As a security measure, Plex has reset the passwords of all forum accounts. Since Plex uses single sign-on (SSO), this means that any Plex.tv accounts linked with forum accounts have be reset as well.

Fortunately, no financial data was compromised. “We have no reason to believe that any other parts of our system were compromised, and we never store credit card or other payment data on our systems,” the post reads.

Just because no financial data was revealed in the hack, that doesn’t mean that the hacker isn’t looking for money. The hacker, who goes by the name of “savaka” posted a message to the hacked forum claiming that users’ details would be released unless a ransom of 9.5 Bitcoin (roughly $2,400) was paid by today.

“This ransom is still active and on the 3rd: if no BTC payment is made, the ransom wll go up by 5 BTC,” the message read. “Eventually if no BTC payment is made, the data will be released via multiple torrent networks and there will be no more Plex.tv.”

Plex has no intention of paying the ransom, so while the password reset should be enough to keep your Plex account safe, you will want to make sure that if you use the same login info for any other sites, you change your password on those sites as well.

The password reset is causing some problems for users of third-party apps. If you’re running into trouble after the password reset, Plex has the answers to some common questions in the blog post announcing the breach.

News

Millions of real estate records were publicly accessible due to lax security

A major financial services company, First American Corporation, has left millions of records publicly accessible on its servers. The data included bank account details, mortgage records, driver's license images, and Social Security numbers.
Web

What is Reddit? A beginner’s guide to the front page of the internet

If you spend much time online, you've probably heard of Reddit. Here, we break down the terminology, perks, and inner workings of everyone's favorite social platform. Understanding the "front page of the internet" has never been so easy.
Home Theater

Plex is free and easy, and you'll wonder how you survived without it

If you want a Netflix-like experience for the media you already own, you need Plex. It's the free media center software that automatically catalogs and plays your movies, music, photos, and more, on your TV. Here's how to use it.
Social Media

Millions of Instagram influencers reportedly had private data exposed online

As many as 49 million Instagram influencers have reportedly had their private data exposed in an online database that had no password protection. The database was apparently created by a marketing firm and has been taken offline.
Computing

Keep your kids safe online with these great parental control tools

The internet can be a dangerous place, especially for your loved ones. Check out our selection of the best free parental control software for Windows and MacOS, so you can monitor your child and block unsavory sites.
Computing

These external drives have speed, durability, and storage space to spare

Whether you want an external storage drive that is fast, portable, or comes with a ton of storage, these are the best external hard drives available today. They all come with great features and competitive pricing.
Computing

Here’s how to watch AMD reveal its new Ryzen chips at Computex

AMD will hold a pre-Computex keynote May 27 to announce its new line of 3rd-generation Ryzen processors and accompanying Radeon Navi graphics cards. Here's how to watch the keynote live wherever you are in the world.
Computing

The 2019 ThinkPad lineup is robust. Here's how to pick the right one for you

Be it the X series, the T series, E series, it can be tough to find the best Lenovo laptop that is right for you. To help, we'll break down all the options available to make your choice a more informed one.
Computing

Should you buy a MacBook Pro or a Razer Blade Stealth? We'll help you decide

Laptop head to heads are a great way to see which one might be the right one for you. Our latest sees the Razer Blade Stealth (2019) vs. MacBook Pro in a fight to see which one deserves to be your next laptop.
Computing

AMD's latest Navi graphics cards are incoming. Here's what to expect

AMD's Navi graphics cards could be available as soon as July 2019 — as long as it's not delayed by stock problems. Billed as a successor to Polaris, Navi promises to deliver better performance to consoles like Sony's PlayStation 5.
Computing

Ryzen 3000 chips will pack a punch, and could launch as early as July

AMD's upcoming Ryzen 3000 generation of CPUs could be the most powerful processors we've ever seen, with higher core counts, greater clock speeds, and competitive pricing. Here's what we know so far.
Mobile

Want to watch Netflix in bed or browse the web? We have a tablet for everyone

There’s so much choice when shopping for a new tablet that it can be hard to pick the right one. From iPads to Android, these are our picks for the best tablets you can buy right now whatever your budget.
Deals

The best Amazon Prime Day 2019 deals: Everything you need to know

Amazon Prime Day 2019 is still a few months off, but it's never too early to start preparing. We've been taking a look at the best discounts from previous Prime Days to give you our predictions of what to expect this year.
Computing

Microsoft might finally embrace USB-C on next-gen Surface Pro 7

USB-C could finally come to Microsoft's Surface Pro tablet. According to a Microsoft patent filing, the port was shown in an illustration, suggesting that the company is working to support this feature in the future.