After thorough investigation by a team of forensic specialists, we’ve identified the source of the compromise to the forums server. As we had suspected, the attackers gained entry via exploiting bugs in the forums software, some of which may not be well understood or publicly disclosed, or have patches readily available. The investigation did not turn up any other compromised systems.
We’re continuing to investigate, but as you can imagine, it wouldn’t be wise to bring the forums back to life before being comfortable that we’re not vulnerable to the same attack. As such, we’re exploring all options, including migrating to new forums software.
We’re committed to bringing back the forums as soon as humanly possible. We worked tirelessly over the holiday weekend, and will continue to work until the forums are back. We appreciate your continued patience, and apologize for this inconvenience.
Posted Jul 07, 2015 - 15:09 UTC
Identified
Blog is up again. Still working on forums
Posted Jul 02, 2015 - 10:12 UTC
Update
We became aware this afternoon that the server which hosts our forums and blog was compromised. We are still investigating, but as far as we know, the attacker only gained access to these parts of our systems. Rest assured that credit card and other payment data are not stored on our servers at all.
Users who have a forum account which is linked to a plex.tv account have had their passwords reset and emails have been sent out. The attacker was able to gain access to IP addresses, private messages, email addresses, and encrypted forum passwords (in technical terms, they are hashed and salted). Despite the password encryption measures, we take your privacy and security very seriously, so as a precaution, we issued the password reset. When creating the new password, be sure to choose a strong password, never share it, and never re-use passwords for different accounts! Even better, use a password manager (1Password, for example) to manage a unique password for you.
We're continuing our investigation.
Posted Jul 02, 2015 - 05:56 UTC
Investigating
Our forum machine has apparently been compromised. We’ve brought it down so we can investigate. We have no reason to believe that any other parts of our infrastructure was compromised, but we're still investigating. We’ll update when we know more.