Comment on 4 reasons Plex is turning into the thing it replaced
kieron115@startrek.website 1 week agoFrom their blog post about it:
An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication data. Any account passwords that may have been accessed were securely hashed, in accordance with best practices, meaning they cannot be read by a third party.
The passwords were hashed and, I’m inferring from their language, salted per-user as well. Assuming a reasonable length password (complexity doesn’t matter much here, what we want is entropy) it would take a conventional computer tens to hundreds of millions of years to crack one user’s password.
xthexder@l.sw0.com 1 week ago
Yeah, I’m not really worried about it. I changed my password and moved on. It’s just that hackers have every reason to try and exploit Plex, while individual servers are hardly worth someone’s time and effort to go after when the payoff is maybe 1-2 usernames and emails
bookmeat@lemmynsfw.com 1 week ago
Simply not true. There is no person out there deciding every fry is too small. They just pick an exploit and send some bots after it. Every target is a good target because every target is a platform for more. It’s currency. The discrimination happens at the userbase level which is why jellyfin will always be safe. Kidding 😂