Spotify denies it but some users have confirmed that their account details have indeed been compromised and exposed by a yet unidentified hacker.

The number of affected accounts supposedly amounts into the "hundreds" where email addresses, passwords, account types and subscription renewal dates have appeared in data dumps since February 15.

The leaked information was posted on Pastebin by a user with the handle 'Drakia12.' Pastebin has been the place for data dumps released by popular hacking groups such as Anonymous. The Pastebin user, however, did not include other data such as payment details or credit card information.

But so far, of the "hundreds" of users said to be affected, more than 80 individual account holders on the music streaming service have confirmed that the hacked info is correct.

Spotify nonetheless is persistent that it has not been hacked.

"We monitor Pastebin and other sites regularly. When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords. That is what happened this week," the company commented regarding the incident.

And because Spotify refuses to recognize that a security breach did occur, they also seem to have failed to notify affected users that their account information has been compromised. Reports reveal that there's currently a breakdown in communication within the company so we expect some resolution from Spotify soon.

Unfortunately, this isn't the first time Spotify has encountered a situation of this type. Just last November, more than a thousand email addresses and passwords were leaked following a similar hacking attack.

The reality of today's security landscape affects not just Spotify but other services like Netflix and PayPal where users' credentials are sold on the dark Web for a quick buck or two.

In this specific case with Spotify, rumors reveal that the breach is not coming from within Spotify's systems. Rather, the hack may have possibly involved using a program that combs through different password combinations to finally find a perfect match.

In cases such as this, it would be in a user's best interests to take a bit of time and make an effort to come up with a password that won't be too easily cracked by such a password-breaking program. Password managers like LastPass would be a good first step in the right direction.

Photo: Sorosh Tavakoli | Flickr

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion