Plex resets users’ passwords after forum hack, attacker demanding ransom in Bitcoin

exploit
Plex is one of our favorite media servers, and it’s certainly one of the most popular media streaming apps out there. This popularity is likely exactly what made it the target of a hacker who compromised the service’s user forums on Wednesday.

Plex confirmed the intrusion in a blog post yesterday. “The attacker was able to gain access to some personal information, such as IP addresses, forum private messages, email addresses, and encrypted (hashed and salted) passwords for our forum users,” the post reads.

As a security measure, Plex has reset the passwords of all forum accounts. Since Plex uses single sign-on (SSO), this means that any Plex.tv accounts linked with forum accounts have be reset as well.

Fortunately, no financial data was compromised. “We have no reason to believe that any other parts of our system were compromised, and we never store credit card or other payment data on our systems,” the post reads.

Just because no financial data was revealed in the hack, that doesn’t mean that the hacker isn’t looking for money. The hacker, who goes by the name of “savaka” posted a message to the hacked forum claiming that users’ details would be released unless a ransom of 9.5 Bitcoin (roughly $2,400) was paid by today.

“This ransom is still active and on the 3rd: if no BTC payment is made, the ransom wll go up by 5 BTC,” the message read. “Eventually if no BTC payment is made, the data will be released via multiple torrent networks and there will be no more Plex.tv.”

Plex has no intention of paying the ransom, so while the password reset should be enough to keep your Plex account safe, you will want to make sure that if you use the same login info for any other sites, you change your password on those sites as well.

The password reset is causing some problems for users of third-party apps. If you’re running into trouble after the password reset, Plex has the answers to some common questions in the blog post announcing the breach.

Mobile

Think iPhones can’t get viruses? Our expert explains why it could happen

If your iPhone has been acting strangely, then you may be concerned about the possibility it is infected with a virus or some malware. We take a look at just how likely that is and explain why iOS is considered relatively safe.
Computing

After fourth attack, hacker puts personal records of 26M people up for sale

A serial hacker going by the name of Gnosticplayers is selling the personal data of 26 million people who have been using the services of six different companies from across the world.
Gaming

Need a bot to watch your Discord chat while you're away? Here's how to make one

Gaming-centric online chat app Discord has a lot of uses, but to get the most out of your server, you might want to think about automation. Discord bots can help, taking care of minor functions like listing the rules of your server.
Computing

Share encrypted files via Mozilla’s Firefox Send, a free file-sharing service

Software developer Mozilla has announced the release of its new, free file-sharing service, Firefox Send. It is expected to offer users a number of security features aimed at sending even large files for free.
Computing

Is 14 inches the perfect size for a laptop? These 4 laptops might convince you

If you're looking for the best 14-inch laptops, there are a number of factors to consider. You want good battery life, an attractive screen, solid performance, and a good build. Our favorites that do all that and more.
Gaming

Get Corsair’s best mechanical keyboard at a decent discount

From March 17 to 23, you can get one of the best mechanical keyboards around at a great price. The Corsair K95 RGB Platinum is normally $200, but this week you can pick one up from Amazon for $160.
Emerging Tech

Awesome Tech You Can’t Buy Yet: Write music with your voice, make homemade cheese

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Computing

Need more from your conference white board? The Surface Hub 2 should have it

The Surface Hub 2 could be the most expensive whiteboard ever made, but it should be a powerful and capable one. With the ability to connect several of the 50-inch displays together, the picture at least, should be gorgeous.
Computing

Teens using Google Docs as the modern version of passing notes in class

Google Docs is reportedly being used by teens as a secret communications app. Instead of passing notes, students are now using the software's live chat function or comment boxes to talk with their friends while in the middle of classes.
Emerging Tech

A.I.-generated text is supercharging fake news. This is how we fight back

A new A.I. tool is reportedly able to spot passages of text written by algorithm. Here's why similar systems might prove essential in a world of fake news created by smart machines.
Computing

Windows updates shouldn't cause problems, but if they do, here's how to fix them

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.
Computing

Here’s how you can watch today’s Nvidia GTC 2019 keynote live

Nvidia's rumored 7nm Ampere graphics could debut soon. The company will be kicking off its GPU Technology conference at 2 p.m. PT today, Monday, March 18, and you can watch the opening keynote here.
Computing

HP’s Omen Mindframe headset keeps your ears chill, but might leave you lukewarm

The Omen Mindframe headset uses HP's FrostCap technology to keep ears cool during long gaming sections. While it delivers on keeping ears cool, it forgets some of the essentials of a quality gaming headset.
Computing

There’s more space on MySpace after ‘accidental’ wipe of 50 million songs

MySpace is no longer a safe refuge for music and media produced in the 2000s. It said that almost any artistic content uploaded to the site between 2003 and 2015 may have been lost as part of a server migration last year.