badaas 139 Posted July 2, 2015 Share Posted July 2, 2015 Just in case like me you dont visit much but have a password there. http://cordcuttersnews.com/plex-tv-forums-have-been-hacked/ 1 Link to comment Share on other sites More sharing options...
ebr 14910 Posted July 2, 2015 Share Posted July 2, 2015 Yikes. Link to comment Share on other sites More sharing options...
Abobader 2942 Posted July 2, 2015 Share Posted July 2, 2015 Yes, they send emails for their users about it. Link to comment Share on other sites More sharing options...
drakus72 17 Posted July 2, 2015 Share Posted July 2, 2015 WOW. I don't use plex, but I hope all that use it and have accounts are good. Link to comment Share on other sites More sharing options...
saitoh183 137 Posted July 2, 2015 Share Posted July 2, 2015 yeah it sucks ass...changed my password as soon as i got the email Link to comment Share on other sites More sharing options...
jasonmcroy 315 Posted July 2, 2015 Share Posted July 2, 2015 (edited) Yes, I received an email from them today about that. I remember trying to go onto their forums last night and kept getting a time out error. I just changed my password today for the Forum. Per the email I got there is no saved CC data or anything on those servers. -Jason Edited July 2, 2015 by jasonmcroy Link to comment Share on other sites More sharing options...
im85288 1493 Posted July 2, 2015 Share Posted July 2, 2015 Yeah wasn't sure if it was a scam email...always cautious of clicking links in emails. Link to comment Share on other sites More sharing options...
denethor 90 Posted July 2, 2015 Share Posted July 2, 2015 People who lazy enough to use same password with associated email provider on their forum user should also have to change their email provider password. Like myself Link to comment Share on other sites More sharing options...
ebr 14910 Posted July 2, 2015 Share Posted July 2, 2015 People who lazy enough to use same password with associated email provider on their forum user should also have to change their email provider password. Like myself I doubt there is any way the hacker could have gained access to your actual password. It is never actually stored anywhere. Link to comment Share on other sites More sharing options...
jjspierx 11 Posted July 2, 2015 Share Posted July 2, 2015 The email stated they got everybody's encrypted passwords, so what they got is salted and hashed passwords. For really simple passwords, they might be able to brute force the salted and hashed passwords, but that is a lot of work and processor power. Good idea to change passwords anyway, but unlikely that most people's passwords will be compromised. 1 Link to comment Share on other sites More sharing options...
Deathsquirrel 741 Posted July 2, 2015 Share Posted July 2, 2015 I'm not a user of Emby Connect but, in light of this, I'm curious if a similar forum compromise here would be cause for concern for those that do use that function. Link to comment Share on other sites More sharing options...
denethor 90 Posted July 2, 2015 Share Posted July 2, 2015 (edited) By the way that's why we should not have "enable delete local media" option in Web UI. This capability should be managed by local xml files on server. Or at least it should be op-out. I simply don't want to see that option. I could happily set this kind of property in my server: <disabledeletefiles>true</disabledeletefiles>For those who wants their client apps delete local media can simple would not add above config. Edited July 2, 2015 by denethor Link to comment Share on other sites More sharing options...
CBers 6768 Posted July 2, 2015 Share Posted July 2, 2015 I couldn't get on the Plex forums earlier to change my password. Still timing out now as well. Link to comment Share on other sites More sharing options...
swhitmore 781 Posted July 3, 2015 Share Posted July 3, 2015 In light of this, are our passwords encrypted here? Link to comment Share on other sites More sharing options...
Angelblue05 4130 Posted July 3, 2015 Share Posted July 3, 2015 Always encrypted, yes. I would be shocked to hear otherwise Sent from my iPhone using Tapatalk 1 Link to comment Share on other sites More sharing options...
ebr 14910 Posted July 3, 2015 Share Posted July 3, 2015 In light of this, are our passwords encrypted here? Of course. It would be very difficult for someone to obtain anyone's real password. This is why you can't even discover it if you forget it. You have to change it instead. 1 Link to comment Share on other sites More sharing options...
badaas 139 Posted July 3, 2015 Author Share Posted July 3, 2015 Quite ironic considering it took them nearly 3 years to fix certain ''holes'', then finally gave out certs to everyone last month I know they're blaming it on the PHP board software and it is nothing to do with ''their'' software/servers. Link to comment Share on other sites More sharing options...
Abobader 2942 Posted July 3, 2015 Share Posted July 3, 2015 Good day, Attacking is attacking, you can not do anything about it for wan services, you can do your best to close the holes here or there, patches the software you use. But they will always be away "someone" found something, you have to live with these factors. Nothing new/old in this matters. Indeed nothing to put down Plex admin's about, it just happens. My best 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now