Tech

Spotify users' info leaked following streaming service hack

by Jeremy Mersereau

Though online streaming service Spotify has had its share of glitches in the past, this one goes beyond a misattributed song or a disappearing playlist or two: someone or someones went phishing, and reeled in a ton of secure user info.

A list of Spotify login credentials – including usernames, passwords, and account types (i.e. family, premium, etc.) – was posted to the website Pastebin earlier this week. The security breach wasn’t just limited to the U.S or North America, either: the hundreds of compromised accounts come from all over the world.

The Pastebin post, which was dated April 23rd, might not point to a recent hack, however – this could be the still-circulating list of previously illicitly-acquired user info. A hack in November of last year, traced to an email account in Russia, made off with over 1,000 email addresses and passwords, and this info could be residual fallout from that incident.

For its part, Spotify denies any security breach, saying that its user records are secure and that no hack has taken place. Users say otherwise, however: according to TechCrunch, a half-dozen victims say they’ve experienced breached accounts recently, with songs saved and played that they hadn’t ever listened to. One victim said they were even kicked out of their account in the middle of listening.

If that doesn’t sound too bad, consider that many people (stupidly, if efficiently) re-use the same passwords for many different services, and several victims reported that the hack spread to their other accounts. *Checks Uber account* “Uh oh”

This incident just reaffirms the rule we should all be living our lives by: when in doubt, look to Lebron.