Personal Data Of Hundreds Of Spotify Users Surface Online: Report

Personal data of Spotify users have allegedly cropped up, TechCrunch reports on April 25.

In this possible security breach of the renowned music-streaming app, credentials of hundreds of Spotify accounts have surfaced on the website Pastebin. The details include users' email addresses, user names, passwords, account type and more.

The posted Pastebin page is dated April 23. TechCrunch declined to link the posted page into its report to safeguard people who are impacted by this suspected breach.

Apart from the general login information of affected users, the post on the site also reveals other important details like the country where the account was made and when the subscription auto-renews.

It's worth mentioning that the list of hacked accounts are users from across the globe.

TechCrunch reached out to some of the listed victims through email. It then verified that the users' accounts were hacked "only days ago."

Affected Spotify users report a few unexplained activities in their accounts.

– Some of them claim they received an email notification informing them their password had been reset on April 24.

– One user says that upon launching the music-streaming service on his phone, he saw "someone was using [his] account somewhere else."

– Some of the users' email addresses were reset.

– Some users report the unknown party saved music, deleted a playlist and even began following a new playlist.

– Many users report their other accounts, including Uber, Facebook, Skype plus their bank accounts, have also been hacked.

Users told TechCrunch that the problem started taking place just last week, somehow contradicting Spotify's statement with regard to this issue.

"Spotify has not been hacked and our user records are secure. We monitor Pastebin and other sites regularly," said the company's spokesperson. "When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords."

What makes this incident odd is why the third-party entities responsible for the breach would use the login information of Spotify users to play music that could probably alert users about the breach.

"Typically, a hacker would want to simply collect then re-sell the credentials," says TechCrunch.

In February, Tech Times also reported that hundreds of user account details might have also been leaked online, revealing emails, renewal dates and account types.

Do you have a Spotify account? Let us know what you think regarding this issue.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics