Popular media server program Plex has been hacked, and the attacker has been trying to get it to pay a ransom for user account details. Plex however says that while the server where its blog and forum are kept was "compromised", the passwords associated with user accounts are encrypted and therefore most likely unusable.
Since the same sign-on is used for the forums and a user's Plex account, a stolen forum password could still give the hackers access to users' IP addresses, email addresses, passwords, and private messages on the forum.
The Plex forum has been shut down temporarily, but according to a report, the attacker, using the name "savaka", posted a demand for 9.5 Bitcoin (approximately $2,400 or Rs. 1.5 lakh), saying that if this ransom was not delivered, he would leak all the stolen data.
"This ransom is still active and on the 3rd: if no BTC payment is made, the ransom will go up by 5 BTC," the hacker said. "Eventually if no BTC payment is made, the data will be released via multiple torrent networks and there will be no more plex.tv."
On Reddit, Plex CTO Elan Feingold wrote that while the "forums machine was definitely compromised, likely via PHP/IPB vulnerability", the rest of the infrastructure might not have been affected.
He added, "Change your plex.tv password for sure (and now would be the time to make it unique/strong as well)."
On the Plex blog, the company reiterated that credit card and payment data is not stored on its systems, but again asked users to change their passwords, and recommended that people use a password manager like 1Password or LastPass.
For users, there's not much else you can do at this point - change your Plex password, make sure you haven't used the same password on any other site and change it there if you have, and remember to change passwords frequently.