At 1:55am on 1/4/2020 I received an email that my account email had been changed. The email that it was changed to was aerowaero@yahoo.com, however, when logged into my Plex account the displayed email is:
I do not know either of these emails. My account has been compromised. I received another email with a link to change my password, but the link was expired. When trying to change the password or delete the account, it seems I’m unable to because I cannot use my set password. Please help!
Thank you. I have already done this but have not received a response. I’m also unable to change the email address when asking a question on Plex’s questionnaire form, so I’m afraid I won’t be able to get a reply.
I’m unable to change it in the dialog box and this is not my email. I try to delete it, but it keeps appearing back. I provided my actual email associated with my account when explaining the situation.
Great to see this resolved so quickly. However, this case highlights the need to see something stronger like 2SV or 2FA implemented for Plex accounts in the foreseeable future.
At present, I have five family members with Plex accounts. Password strengths are going to vary amongst family members. Policing this is not easy. It’s going to be troublesome if one of those accounts gets hacked under the current account security regime.
Plex also has the unenviable reputation of being one of a handful of sites listed as being pwned in recent history.
So here’s a question did you actually pay for a lifetime plex pass because if you didn’t just open a new account I know it’s a pain in the butt, but it will probably be the fastest thing. If you did pay for a Plex pass and it was relatively recent you can dispute the charge with your bank or you could just file with the Better Business Bureau to get a hold of Plex, somebody will respond probably.
