PLEX.TV forum hacked, hacker demands ransom for user data
Plex, the video streaming service, found out on Wednesday that a server hosting its forum and blog had been compromised, Chris Curtis, a support engineer, said in a blog post.
" Approximately 1pm PDT yesterday (July 1st) we learned that the server which hosts our forums and blog was compromised. The attacker was able to gain access to some personal information, such as IP addresses, forum private messages, email addresses, and encrypted (hashed and salted) passwords for our forum users. As a precaution, we reset the plex.tv passwords of all users with linked forum accounts and reached out via email with further instructions for those affected. At this time, our forums remain offline while we complete our investigation. All other systems are online and operational."
Plex has reset user passwords as hacker has threatened the company if ransom he demanding is not paid, then he will release the user information on web.
"I gave them until the 3rd of this month to send 9.5 BTC, or I would release all this data. This ransom is still active and on the 3rd: if no BTC payment is made, the ransom wll go up by 5 BTC. Eventually if no BTC payment is made, the data will be released via multiple torrent networks and there will be no more plex.tv
You can also pay me to remove your data from the content that's going to be released - If you send an e-mail without BTC ready to send, I will add your data to a special list."
Curtis has asked users to change passwords at earliest. And choose a unique password not related to plex and any other social service. It should be a long and complex password as short and easy passwords are fast to crack by using cracking tools.
