So I noticed a flurry of spam appear in my inbox the last few days, all addressed to my distinct Plex email address, which is not used anywhere else other than for this site.
So what happened? Was the Plex forum hacked and I didn’t hear about it? How did my Plex email address otherwise get out into the world?
Inviting you to share your media, or inviting you to share their media? There is a difference, here. One is soliciting your media, the other is wanting to share theirs with you. Plex.tv doesn’t allow someone to solicit you sharing with them. All they can do is try to share with you. If you are getting emails asking you to share with someone, it’s not from plex.tv…
In either case, unless I specifically know the person, having talked to them via voice comms, I automatically refuse invites to share their media.
Likewise, I have had some dodgy emails appear; I have a custom email used specifically and only for Plex. More worryingly, I had mail supposedly bounced back to me, suggesting that my email address had been used as the reply/sender field for messages sent to non-existent addresses.
Came here to ask the same. My address is also exclusive to Plex, not used for anything else and extremely unlikely to be picked in a dictionary attack (it has “plex” in it). Looks like there’s been a breach somewhere.
I wonder is it related to Cloudbleed? They’re not currently using Cloudflare, but that’s not to say they weren’t last week.
Do people from Plex post here? If not, it will need to be reported to them.
Looking at your accounts, all of you were members on our old forums as of 2015-07-01, when our forums server was compromised. Email addresses were part of the compromise. While it’s been more than a year and a half since the incident, that database user information has been posted online more recently, too. So, the explanation is virtually certainly that someone recently added those email addresses to their spam distribution list(s).
@dahamsta said:
Seems logical, thanks. Can you provide more information on the more recent postings? I follow some security blogs and it doesn’t ring a bell.
I don’t have/know any specifics, I just know that the info has been posted to one or more shady/“dark web” type places within the last few months. It’s not really unusual; data from compromises get posted and reposted to those kinds of places over time.
Also be aware that spammers will try to throw every conceivable address out there hoping that some are valid. Much like I could yell out “Billy” and “Samantha” in a crowd and I would likely turn some heads of actual Billys and Samanthas.