Plex: Another data breach!
Looks like another plex data breach occured a few days ago:
https://forums.plex.tv/t/important-notice-of-security-incident/930523
-=[ What Happened ]=-
Plex recently confirmed a database breach that exposed account information. Email addresses, usernames, and hashed passwords may have been accessed. Even though Plex stores passwords securely, attackers can attempt to crack weak ones.
-=[ Immediate Actions: ]=-
1 - Change Your Plex password!!!
-Go to https://www.plex.tv/
→ Account Settings → Change Password
-Use a strong, unique password!!
2 - Sign Out of All Devices
-After changing your password, select "Sign Out of Connected Devices" to force a re-login everywhere.
( pain in the ass but better safe than sorry! )
3 - Enable Two-Factor Authentication (2FA)
-In Account Settings → Two-Factor Authentication, scan the QR code with an authenticator app (Authy, Google Authenticator, etc.).
-Save backup codes offline securely!!
-=[ Extra Password Stuff for fun ]=-
You can check if your old password appears in a known breach using a local linux bash script that only shares the HASH of your password and not directly in plain text using a simple linux bash script.
-=[ What the Script Does ]=-
passcheck.sh lets you test a password against the "Have I Been Pwned" (https://haveibeenpwned.com/) breach database without exposing the password itself.
The script converts the password into a SHA-1 hash and only sends the first five
characters of the hash to the HIBP API.
This k-anonymity method means the full password and complete hash never leave your machine, so the check cannot reveal your actual password to anyone.
-SSH to your favorite linux box and create the script with nano:
nano passcheck.sh
-Paste this simple script into editor:
#!/bin/bash
read -s -p "Enter password to check: " password
echo
hash=$(echo -n "$password" | sha1sum | awk '{print toupper($1)}')
prefix=${hash:0:5}
suffix=${hash:5}
result=$(curl -s "https://api.pwnedpasswords.com/range/$prefix" | grep "$suffix")
if [ -z "$result" ]; then
echo "✅ Your password was NOT found in the breach database."
else
echo "❌ Your password HAS been found in the breach database:"
echo "$result"
fi
-Save the file.
-Make it executable:
chmod +x passcheck.sh
-Run it:
./passcheck.sh
Example output of testing weak password: "connect1"
Example output of testing a more secure unique password:
Hope this helps and stay safe out there!!!
-=[ BONUS CAT TAX ]=-
Leave Plex: Another data breach! to:
Read more #plex posts
Best Posts From e v i l e d d y
We have not curated any of evileddy's posts yet. But you can encourage our curation team to review posts by visiting them regularly and by referring other readers. Because we give priority to frequently read content.
More Posts From e v i l e d d y
- ⚠️ HORROR WEAPON IS LIVE - AND IT’S NOT BACKING DOWN ⚠️
- Horror Weapon
- 🎧 Horror Weapon – Dark Industrial Transmissions
- Evil People News — Episode 1: Food Prices Reach Enlightenment
- A Good Meal Can Change a Mood
- Plex: Another data breach!
- Positive Vibes Sunday: Empathy Is Punk
- Violence is the Answer – A Dark Urban Fantasy Tale - Part I
- An Amazing Mural in Downtown Stratford
- Turtle-Wow!
- Story Teaser: Would You Read a Serialized Sci-Fi Horror Tale?
- Building Community in Small Towns: One Discord at a Time
- Introducing the Red Flag Text Analyzer
- Why Going to the Gym is One of the Best Things a Man Can Do for Himself
- 🚧 Building Something Powerful (and a Bit Mysterious) Behind the Scenes…
- Writing as Therapy: How Putting My Thoughts Into Words Saved My Sanity
- Pick Your Ultimate Comfort Food — What Hits the Spot Every Time?
- Rediscovering Joy in Code: Why I’m Loving PHP and MySQL Again!!
- Why Vibe Coding Burned Me Out (And What I’m Doing About It)
- Burnout Isn't Laziness. It's a Survival Response.