While home streaming media app Plex says that only a "limited subset" of user data has been pulled from its servers, the company is asking all users to change their passwords "out of an abundance of caution."
Plex is the service that lets users stream video from their Mac to any other device, creating their own personal streaming service. Now the company says it has "discovered suspicious activity" on one of its databases.
Not all Plex users have been emailed about the incident, but the message initially says that the company "is requiring all Plex accounts to have their password reset." It later modifies that to say that the company wants to "kindly request that you reset your Plex account password immediately."
"Rest assured that credit card and other payment data are not stored on our servers at all and were not vulnerable in this incident," says the email. "We've already addressed the method that this third-party employed to gain access to the system, and we're doing additional reviews to ensure that the security of all of our systems is further hardened to prevent future incursions."
Plex also advises that users select a checkbox labelled "Sign out connected devices after password change." This will then mean users having to sign back in with their new credentials on every device.
"This is a headache, but we recommend doing so for increased security," says the company, before apologizing for the inconvenience.
Plex has published a step by step guide to resetting passwords on its service.