I am unsure if this is the right sub-forum for this, but I had some weird email activity on my Plex account over the past six hours.
I got three email from noreply@plex.tv within a few minutes of each other stating:
“A new device was used to sign in to your Plex account”
It had my account name, the device listed for each email was “Plex”, the locations were Brazil, Indonesia, and Russia, each with a unique IP address.
It also stated that if I didn’t recognize the activity, then I should change my password. Being cautious about phishing emails, I of course didn’t use the link in the email to reset my password, but did it via the website. I also chose the option to log off all linked devices.
I then had issues claiming my server, which I eventually fixed.
About 4 hours later after the earlier emails, I got another email from noreply@plex.tv saying that someone asked for a link to reset my Plex account password.
This is just a bunch of strange stuff to happen in a short period of time.
These types of warning mails are indeed automatically sent by plex.tv
If you encounter this kind of things going on with your account, change your password immediately. Use a strong password, which is not shared with other websites and services!
And sign-out all other devices during the course, or it won’t be as effective. (there is a check-box in the ‘change password’ dialog to do this.)
Unfortunately, subsequently you’ll have to re-login all your clients and servers into your account again.
b) after you changed your password, s/he tried to get into it again by resetting the PW.
I hope for you that you don’t use the same user/password combination (old password that got “hacked”) anywhere else. If you do, also change the password there. Chances are high that people might try to take over also other accounts and/or your user/pw combination is already “known to the public”.
