Skip to main content
close search
site logo
Dive Brief

Spotify user data appears online, but company vows no new hack occurred

Published April 26, 2016
By
Contributing Editor
Flickr user Sorosh Tavakoli

Dive Brief:

  • The personal information of hundreds of Spotify customers appeared on the website Pastebin over the weekend, according to a TechCrunch report.

  • Spotify, however, says that it has not been hacked, prompting some experts to wonder if the latest incident involves data stolen during a previous security breach. 

  • The account credentials shared on Pastebin over the weekend include emails, usernames, passwords and account type. Many of the users TechCrunch reached out to confirmed they have recently experienced a breach to their account. 

Dive Insight:

Spotify has had security issues in the past. In November, more than 1,000 Spotify email addresses and passwords were leaked. The company also suffered a security breach in 2014.

Spotify maintains that this is not a new incident. In a statement released on its website, the company said, "Spotify has not been hacked and our user records are secure. We monitor Pastebin and other sites regularly. When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords."

But some Spotify customers reported that their accounts were used and changed by unknown third parties over just the past few days. It appears that the parties are actually using the victims' Spotify accounts rather than simply stealing credentials for other uses.

Adam Levin, chairman and founder of IDT911 and author of Swiped, suggested users of digital music subscription services keep a careful eye out for unusual incidents.

"For anyone using Spotify, or a similar digital music subscription service, it is critical on a daily basis to monitor any financial account tied to those services for the slightest hint of fraudulent activity—not just in the wake of a breach," said Levin.

For companies previously affected by a hack, it’s worth noting that a data breach can have a recurring impact. Once the data is stolen, it can continue to show up in various places or be used for an undetermined amount of time, inflicting a potentially indefinite amount of damage.

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Revenera Monetization Monitor 2025: Product Usage Insights Drive Better Roadmaps
From Revenera
November 25, 2024
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
Legion Technologies Partners with Vail Resorts to Expand Workforce Management Across 37 Resort…
From Legion Technologies
November 19, 2024
Newgen and Fadata Join Forces to Optimize Insurance Content Management
From Newgen Software
November 13, 2024
Editors' picks
Latest in Security
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.