They admitted the issue because they’re a German company and they would get fined 20 million euros if they didn’t.
Comment on Plex got hacked.
JasonDJ@lemmy.zip 1 day ago
- admitted the issue immediately
- reassured users as to actual scope of breach, probable risk
- provided recommended actions for users who think they may be impacted.
My god…I’ve got to hand it to plex. This is the perfect incident response letter.
Scrollone@feddit.it 4 hours ago
remon@ani.social 15 minutes ago
they’re a German company
Unless there is a town called “German” in California, they are not.
Cocodapuf@lemmy.world 23 hours ago
Yeah, I have to agree. When a breach occurs (and it happens to just about every organization at some point or another), a press release this honest, responsible and immediate is not really the norm. I see this as a show of competence on the security front and integrity for the company as a whole.
I do wish Plex wasn’t further enshittifying their product more with every release, but that’s a different issue.
lazynooblet@lazysoci.al 1 day ago
They didn’t provide any real timelines, unless I missed something. Trust me bro, we shut it down real fast.
kbobabob@lemmy.dbzer0.com 1 day ago
I don’t understand what the difference would be. The damage is done and they notified people of those damages.
lazynooblet@lazysoci.al 23 hours ago
Well, if it said “The attacker gained access to systems in October 2023 and we patched out the vulnerability during March 2025,” you’d be asking why it took so long to discover the intrusion and why they didn’t let us know for six months?
zr0@lemmy.dbzer0.com 1 day ago
Fully agree. There is no time and space to play the blame game, as it simply does not matter at this point. React swiftly and be transparent. You are free to invest months afterwards for investigations and follow-ups.
Gutless2615@ttrpg.network 1 day ago
I mean I don’t understand the accolades for legally following the law.
scratchee@feddit.uk 1 day ago
You can follow the law and still screw up the response/announcement pretty badly, and so many do not even manage that much.
So yeah. It’s satisfying when someone acts both professionally and conscientiously in a situation like this.
8uurg@lemmy.world 1 day ago
Yeah, even if it is the law, companies do tend to fall short of adhering to said law. For example, a lab that does cancer screening got hacked and pretty much messed up their entire response.