Blog Layout

Some Spotify Users Reporting Possible Hacking Of Their Account

sccomputerguys • Dec 09, 2020

Are you a Spotify user? If so, you've got plenty of company. It's one of the shining success stories on the web, and has grown to become one of the most popular music streaming services available.

Unfortunately, that also makes it a target, and recently, researchers at VPNMentor discovered a database of more than 300,000 Spotify user names and passwords available for free on the Dark Web.

No information is available about how the database was collected, but since it's freely available, hackers of all stripes have been making regular use of it to try and force their way into user accounts. Sadly, it appears that a significant percentage of the records on the database contain working passwords.

There has been a low-level hum of complaints from Spotify's massive user base about accounts being hacked. Playlists being deleted, new playlists appearing out of nowhere, and the like, but there's never been any discernable pattern to these complaints. The recent discovery of the database on the Dark Web provides the missing puzzle piece and adds context to those complaints.

Somehow, even though the company has reported no recent breaches, a large number of user records wound up on the Dark Web, and are actively being used by hackers around the world to cause mischief.

VPNMentor immediately notified Spotify about their discovery and the company took prompt action, forcing a password reset on any account found on the database, so if you recently logged in and found that you were forced to change your password, now you know the reason why.

It was a good move, and a safe move, but there's more to this story.

For more than a year now, Spotify's users have been clamoring for two-factor authentication, and to date, the company has not seen fit to offer it. If it had been available, this never would have been an issue to begin with.

Given Spotify's track record of innovation and general responsiveness to their user base, the lack of 2FA stands out as a glaring black mark on what is otherwise an outstanding record. Here's hoping the company remedies that soon. In the meanwhile, if it's been a while since you logged onto your account, and you're asked to change your password, the database on the Dark Web is almost certainly the reason why.

You May Need To Replace Old Cisco VPN Routers

By sccomputerguys 22 Jul, 2022
Do you own one or more of the following products made by Cisco? The RV110W Wireless-N VPN Firewall The RV130 VPN Router The RV130W Wireless-N Multifunction VPN Router The RV215W Wireless-N VPN ...

Some Requested Features May Be Coming To Microsoft Teams

By sccomputerguys 21 Jul, 2022
Do you use Microsoft Teams?  If so, you'll be thrilled to know that the Redmond Giant is continuing to pour resources into improving the software with a specific focus on audio and ...

It May Be Time To Update Your Business Logo

By sccomputerguys 20 Jul, 2022
Corporate branding can be worth its weight in gold and certain images are absolutely iconic.  The Golden Arches, the Nike "swoosh," and Apple's Apple all come to mind. Logo images give companies ...

Researchers Find New CPU Security Vulnerability

By sccomputerguys 19 Jul, 2022
Remember the Heartbleed scare we had a couple years back?  It was a nasty side-channel attack that was somewhat exotic and difficult to pull off, and it was absolutely devastating and sent ...

Ransomware Hackers Have Set Their Sights On Exchange Servers

By sccomputerguys 18 Jul, 2022
Microsoft Exchange servers are once more in the crosshairs of hackers around the world.  Most recently, hacking groups have been specifically targeting them to deploy BlackCat ransomware. As is common among ransomware ...

The Surprising Ways Mobile Technology Impacts Our Lives

By sccomputerguys 16 Jul, 2022
If you grew up in the days before the internet, it's absolutely staggering to think of all the ways that mobile technology has changed our lives (and mostly for the better). Remember ...

Edge Will Replace Internet Explorer After It Is Gone

By sccomputerguys 15 Jul, 2022
It may seem as though Internet Explorer is the browser that will not die, but according to Microsoft, it is now a step closer to breathing its last virtual breath. Microsoft has ...

New Panchan Botnet Targets Linux Servers

By sccomputerguys 14 Jul, 2022
If you're involved with IT Security at any level and if your network includes Linux servers, keep a watchful eye out for the new Panchan botnet. It first appeared in the wilds ...

How To Protect Your Company With Cybersecurity Awareness

By sccomputerguys 13 Jul, 2022
These days, companies spend significant sums of money to protect themselves from cyber criminals.  The threat matrix is vast, and attacks can come from almost any quarter. That is why many companies ...

Data Breach Hits One Of America’s Largest Healthcare Providers

By sccomputerguys 12 Jul, 2022
Do you receive healthcare of any kind from Kaiser Permanente?  If so, be aware that they recently published a data breach notification indicating that an unidentified attacker accessed an email account that ...
More Posts
Share by: