Streaming service Plex is urging its 25 million global users to reset their passwords after a security breach exposed customer account data.
In a statement on Monday, Plex said hackers gained access to one of its databases containing usernames, email addresses, scrambled passwords, and other unspecified authentication data. While the company said the passwords were unreadable to humans, it’s unclear whether they could be cracked or if stolen authentication tokens could be used to access accounts.
Plex is recommending that customers reset their passwords and log out of connected devices. Unlike some companies hit by breaches, Plex has not forced a universal password reset.
The company has not disclosed how many customers were affected, what hashing algorithm was used to secure the passwords, or when the breach occurred. Plex also hasn’t confirmed whether hackers demanded ransom or how long they had access before detection.
Related: Insight Partners Confirms Data Breach Notifications After January Hack
A spokesperson said Plex has fixed the vulnerability exploited in the attack but declined to provide further technical details.
