Spotify Premium Accounts Exposed Yet Again
Shortly after news about the Netflix account hack broke out, hackers are at it again—this time targeting Spotify Premium accounts. According to reports, personal details of compromised accounts appeared in three different online data dumps on Pastebin, a web application that allows users to store plain text and share short source code snippets. The data dumps contained email addresses with corresponding passwords for Spotify. For other accounts, details like account renewal dates, account types, and home countries were also exposed in the dumps.
A spokesperson for Spotify responded saying, “We monitor Pastebin and other sites regularly. When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords.” However, Forbes has confirmed that Spotify failed to notify affected users about the dump even if more than 80 hacked accounts were correct and active.
Last November, over 1,000 email addresses and passwords used in the music-streaming app were also leaked. And just like this incident, victims of the attack claim that Spotify did not inform them about the hack. In both cases, the identity of the hacker and the details of how the breach took place are still unknown. Those who have reason to believe that their Spotify accounts were hacked are advised to email Spotify directly. Spotify has been actively working hand-in-hand with users in verifying which accounts were hacked and which accounts have not been compromised.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases