Plex hacker demands Bitcoin ransom for return of data

3 Jul 2015 | Author: | No comments yet »

Media Server Company Plex Hacked – Forum Servers Affected, But Payment Info Safe.

Video streaming service Plex has reset user passwords after it was breached by a hacker who threatened to release stolen data unless he’s paid a ransom. The company found out on Wednesday that a server hosting its forum and blog had been compromised, Chris Curtis, a Plex support engineer, said in a blog post. However, the attackers were only able to compromise the servers hosting the company’s forums and blog – not account information or users’ financial data, the latter which Plex says is not stored on its own servers at all. Plex yesterday announced that the servers on which its blog and forums are hosted have been breached, leaving IP addresses, private messages, email addresses and encrypted forum passwords vulnerable. That being said, many Plex users had forum accounts which are linked to their account, which means that both accounts have been compromised as a result of the attack.

Savata asked for 9.5 bitcoins (US$2,400) but wrote that the ransom would increase to 14.5 bitcoins if it wasn’t paid by Friday, according to a copy of the message posted on Reddit. The hack itself took place on July 1st, and the hacker claiming to be responsible took to the forums, saying they had “obtained all of your data, customers as well as software and files.” The hacker also demanded a ransom, payable in the form of Bitcoin, or else the data would be released by way of “multiple torrent networks,” this person said. Payment card data was not exposed, he wrote, and Plex had “no reason to believe that any other parts of our system were compromised.” He reminded users they should choose strong, unique passwords for each online service they use. The worst case scenario, Feingold also said, would be if the hacker was able to reserve the hashes on forum passwords and then sign into using that info. (Of course, since many people re-use their passwords around the web, the ramifications of the hacker doing this could be worse.

While Plex says that the passwords that were stolen were hashed and salted and, thus, should be safe, it’s still a good idea to change your password. If you visit the site while logged in with an affected account, you will be automatically redirected to the “Change your password” screen, so it shouldn’t be too hard.

The email was only sent out to those whose forum accounts were tied to their Plex accounts, though, which means you may not have received it, even if you’re a Plex user yourself.

Here you can write a commentary on the recording "Plex hacker demands Bitcoin ransom for return of data".

* Required fields
All the reviews are moderated.
Our partners
Follow us
Contact us
Our contacts

ICQ: 423360519

About this site