Something of note as we begin: I haven’t touched ANYTHING Plex on my network in weeks… Just been really busy. No updates. No streaming. No adding media. NOTHING.
So I just got a notification on my Android (OnePlus 8, if it matters) that a new device had used my account to log into my Plex server (FreeNAS, if it matters). The device identifier after the colon was ()… Just an open and closed paren. Timestamp was 20:56. I pulled the logs and at that timestamp, one user did log in on my local network at 192.168.1.102. Pulled up my DHCP table and that device was my phone sitting unused right next to me!!! I’m sitting here watching a baseball game on TV and my phone is right next to me, not being used at all. Unsure what is going on. I did NOT receive any email for a login like I usually do (at least not until I got on my box and ACTUALLY logged in). My account didn’t stream anything, nothing was changed, and I’m 99.999999% sure my account has not been compromised. Only thing that could be would be my phone??? That doesn’t seem possible as I have no remote control programs on my phone (but obviously any device can be compromised with a determined malicious actor). Wondering if Plex re-logs in regularly or randomly on phones? Just trying to understand what happened and why the device used was noted as (). Any ideas? Thanks.
