We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure. What happened An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication...
How is that any different than any other software package? Unless you’re coding it yourself, things can be changed without your permission.
And even if you do code it yourself, you may have dependencies that do undesirable things outside your control.