At least 300,000 Spotify accounts were reportedly hacked this summer, exposing email addresses, login credentials and other user data in the process. Hacking isn't a new threat to the tech world - in fact, major brands like Twitter and Facebook have had to deal with hacking issues recently. A new report, however, sheds light on a more widespread issue that Spotify faced.
In the fourteen years since the company was founded, Spotify has established itself as a prominent music streaming service, and now claims to serve 320 million users. However, a service that large, with a user base that expansive, opens the door for companies like Spotify to become a prime target for hackers. According to a report, that's exactly what recently happened.
Research by vpnMentor uncovered a database with over 380 million records linked to between 300,000-350,000 suspected Spotify users. vpnMentor says it worked with Spotify to confirm that the database did, in fact, belong to hackers using it to defraud both Spotify and its users. The company also said it assisted Spotify with isolating the issue and protecting customers from the attack, offering a July 3-21 timeline ranging from when the database was discovered to when action against the database had finished.
How To Protect A Spotify Account From Hacking
To remedy the issue, vpnMentor said Spotify implemented what is known as a password "rolling reset" for accounts that were affected by the hack. Beyond that, Spotify does have resources dedicated to determining if an account has been hacked, and ways to secure an account against potential hacks in the future. Some important signs of a hacked Spotify account include: a password not working anymore, an email address changing, a subscription changing, playlists added (or lost), or emails regarding unrecognized logins, to name a few.
To defend against potential threats, Spotify offers a series of tips and suggestions. The company recommends that users reset their password and select a strong password that's not been used previously with other accounts. Spotify also suggests changing the password for any service or app that's associated with a specific Spotify account, including email addresses, Facebook accounts, and Apple profiles. Finally, after a password reset has occurred, Spotify suggests selecting the "SIGN OUT EVERYWHERE," option in a user's account page to clean the account of any unwanted or unknown devices.
Hacking is an unfortunate, but sometimes inevitable part of life on the internet. With that being said, there are safeguards that can be taken to try and best protect oneself against these kinds of cyber threats. Spotify's resources for securing accounts, while simple in practice, could potentially go a long way towards making sure user accounts aren't ransacked for personal information.
Source: vpnMentor