A hacker is demanding 9.5 BTC in return for not publicly releasing user data stolen from Plex, an application that allows users to organize media files and stream them to their computer screens.On July 1st, the application sent out email notifications to those affected by the hack:“Sadly, we became aware this afternoon that the server which hosts our forums and blog was compromised,” the letter reads. “We are still investigating, but as far as we know, the attacker only gained access to these parts of our systems. Rest assured that credit card and other payment data are not stored on our servers at all.”The company goes on to explain that forum users were the hardest hit. According to a company representative, these customers’ IP addresses, private messages, and internal email messages were exposed likely due to a vulnerability related to PHP/IPB.
No card information is expected to have been compromised, for this type of information is not stored on Plex’s servers.Shortly after the hack, an individual named Savaka went on Reddit, where he claimed responsibility for the breach and posted his demands.“I gave them until the 3rd of this month to send 9.5 BTC to [redacted] or I would release all this data,” the now removed post reads. “This ransom is still active and on the 3rd: if no BTC payment is made, the ransom wll go up by 5 BTC.”Before instructing users on how to submit individual payments for their data, Savaka issued a warning: “Eventually if no BTC payment is made, the data will be released via multiple torrent networks and there will be no more plex.tv”A day after the breach, Plex co-founder and CTO Elan Feingold responded to the hacker on Reddit confirming that the forums machine was “definitely compromised” but that he and his team had no reason to expect that other parts of their infrastructure were affected by the breach.The company’s investigation is currently ongoing. In the meantime, it has reset the plex.tv passwords of all users with linked forum accounts, according to a security notice.The Plex breach serves as a reminder that all users should protect each of their web accounts with strong, unique passwords. For more information on what types of passwords you can use to protect your data, please click here.