Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Plex customer data leak

Data Leak
First reported
Last updated
Happening score
H score 26
1 unique sources, 1 articles

Summary

Hide ▲

Plex confirmed a data leak after an unauthorized third party accessed a limited subset of customer data from one database, exposing emails, usernames, securely hashed passwords, and authentication data. The exposure raises account takeover risk even though the passwords were hashed. Plex is telling users to reset passwords and enable two-factor authentication.

Related Happenings

PcComponentes hit by cyberattack

Incident
First: 21.01.2026 22:55 Last: 21.01.2026 22:55 Sources 1

About this happening: **PcComponentes** confirmed a **credential stuffing attack** on its platform, and the event mattered because a **small number of accounts** were compromised and account protection...

Open Happening

LastPass customer password vault backups exposed

Data Leak
First: 05.01.2026 11:30 Last: 05.01.2026 11:30 Sources 1

About this happening: The **2022 LastPass data leak** exposed backups of about **30 million customer password vaults**, leaving more than **25 million users** with a **long-tail risk** of offline crack...

Open Happening

DraftKings credential stuffing campaign targeting customer accounts

Campaign
First: 07.10.2025 22:09 Last: 07.10.2025 22:09 Sources 1

About this happening: A **DraftKings** credential-stuffing campaign put an **undisclosed number of customer accounts** at risk and triggered breach notices. Attackers used **stolen username/password pa...

Open Happening

Plex hit by cyberattack

Incident
First: 09.09.2025 04:03 Last: 09.09.2025 04:03 Sources 1

How related: "An unauthorized third party accessed a limited subset of customer data from one of our databases," reads the Plex data breach notification.

About this happening: **Plex** said an **unauthorized third party** accessed a **limited subset of customer data** from one database, prompting password resets and raising the risk of **credential abus...

Latest development: 09.09.2025 11:40

Plex said an unauthorized third party accessed a limited subset of customer data from one of its databases, including emails, usernames, securely hashed passwords, and authentication data. Plex said it quickly contained the incident, blocked the attackers’ access to its systems, urged users to reset Plex account passwords and enable sign-out of connected devices after password changes, and warned about possible phishing from Plex impersonators.

Open Happening

Timeline

  1. 09.09.2025 04:03 2 articles · 8mo ago

    Plex warns customers after customer data breach

    Initial Disclosure

    Plex says an unauthorized third party accessed a limited subset of customer data from one of its databases, including email addresses, usernames, securely hashed passwords, and authentication data. The company says it quickly contained the incident, that no payment card information was stored on its server, and it is directing users to reset passwords, sign out connected devices, and enable two-factor authentication.

    Show sources
    Open in new tab