We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure. What happened An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication ...
Should have been put in the OP because people are going to jump the gun:
Still, always good practice to change your password after this sort of leak. However unlikely it is that someone could access your account, it’s never a bad idea.
If you use a unique password and have 2FA on there’s no real need, but yeah it can’t hurt.
I bet the 2FA secret was leaked too though…
Right there in the announcement.