Plex Update: Notice of a potential security incident
What happened An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, and securely hashed passwords.
Any account passwords that may have been accessed were securely hashed, in accordance with best practices, meaning they cannot be read by a third party. Out of an abundance of caution, we recommend you immediately reset your password by visiting https://plex.tv/reset. Rest assured that we do not store credit card data on our servers, so this information was not compromised in this incident.
What we're doing We've already addressed the method that this third party used to gain access to the system, and we're undergoing additional reviews to ensure that the security of all of our systems is further hardened to prevent future attacks.
What you must do We kindly request that you reset your Plex account password immediately by visiting https://plex.tv/reset. When doing so, there's a checkbox to "Sign out connected devices after password change," which we recommend you enable. This will sign you out of all your devices (including any Plex Media Server you own) for your security, and you will then need to sign back in with your new password. We understand that this means a little more work for you, but it will provide additional security to your account.
Additional Security Measures You Can Take We remind you that no one at Plex will ever reach out to you over email to ask for a password or credit card number for payments. For further account protection, we also recommend enabling two-factor authentication on your Plex account if you haven’t already done so.
Lastly, we sincerely apologize for any inconvenience this situation may cause you. We take pride in our security systems, which helped us quickly detect this incident, and we want to assure you that we are working swiftly to prevent potential future incidents from occurring.
For step-by-step instructions on how to reset your password, visit: https://support.plex.tv/articles/account-requires-password-reset
Thank you, The Plex Team
Plex Security Incident - https://news.ycombinator.com/item?id=45174707
I was running both on the same hardware (Synology NAS via docker), and using the same client device (AppleTV). Jellyfin was painfully slow, via the native web interface to the point of being nearly unusable. On the AppleTV I tried both Swiftfin and Infuse. Swiftfin was painfully slow to the point of being unusable. Infuse was better once the caches loaded, but that took several hours of just navigating around the app. Once I did, the interface wasn’t one I liked and I seem to remember having issues with adding new files. I also has play back issues in one or more of the apps, I think.
As much as I’ve been concerned about the direction of Plex, it seems like the alternative isn’t up to the task. I remember installing the first version of Plex server probably over 15 years ago and it was smooth and fun to watch, with movie posters turned over as it loaded them in. Jellyfin felt like a chore.
Needless to say, I’m back on Plex. I’ll still keep an eye on alternatives in the space, but I’m really disappointed with all the people who have been shouting the Jellyfin name from the rooftops, saying it’s better than Plex. That was not my experience at all. Maybe on a much more powerful system, with a much smaller library? I’d love to see it become great, but it feels like they have a long way to go to really nail the basics while remaining performant.
Now use Jellyfin, which was difficult because our hisense tv only had Plex (had to 'hack' it to sideload), but at the server end (just a desktop running Kubuntu in the same subnet) has been great. Works well for me, just as Plex did 10(?) years ago.
I spent a lot of the summer of 2024 watching Tubi in the room of the other house with a stray cat that I failed to domesticate and figured FAST wasn't so bad after all. Last winter I switched back to Plex and I am so delighted with it. It's a consumer electronics experience to watch content off my server or FAST or live OTA TV or recorded OTA TV with a game console. With Plexamp I can listen to music off my server wherever I go on my phone and either listen to albums and tracks I choose or use the 'Deep Cuts' recommender which is just great because it challenges me to listen to stuff I don't always listen to.
That said, there's nothing more I dread than having to change my password on mobile and game console like devices -- one thing I really relish is being able to watch TV and movies on my game console and not have to log in every time (like it is watching DVDs) which was one of the many ways Jellyfin failed.
[1] https://en.wikipedia.org/wiki/Free_ad-supported_streaming_te...
Are Plex and Emby related somehow?
I've got Emby running here - selected for no better reason than several of my friends run it. I'd consider switching to Jellyfin if there were reasonable evidence showing that Emby was run by the Plex people - or if they started showing obvious signs of the enshittification playbook...