So last week I'd noticed an issue while I was at the gym that some people have reported on. My songs would stop while I was in the middle of them, and when I investigated my playlist and "my songs" I noticed that everyone was gone and replaced by random crap I never put there. I was constantly getting switched over to some other device that I didn't recognize. However, it was a busy day and I forgot about the issue until today when I'm tracking my financial data for the last few months. Since the end of August I have had about 18 unauthorized charges to my credit card totalling roughly $350 - all under the same entity that charges me my monthly Spotify subscription. These dollar amounts all range from $5-$50, none of the values repeated. When I opened my account I also noticed that my email address had been changed and because I originally created my Spotify account from Facebook and that's how it's linked I can't even seem to get my password or email address changed, as they aren't the same as my Facebook credentials.
I've submitted an anonymous support ticket with my personal email address that I'm hoping will get some traction but this is currently a heads up call and public service announcment to anyone that has noticed their account has been "hacked" and has ever put their financial information into Spotify. There is a serious vulnerability in their software and I would hope this gets stickied because I'm already out hundreds of dollars that I'm not sure will be reimbursed and if it happened to me I can guarantee I'm not alone. Spotify is not safe, my financial information on Spotify is not safe, and I'm mad about it.
Want to update that my Chase account doesn't seem to have the fraudulent transactions, and that it only seems to be identifying the true monthly subscription charges. However, I noticed these fraudulent transactions via my Mint.com budget that apparently doesn't retroactively update itself when charges are removed. So, it seems that some financial institutions have identified and are blocking these fraudulent purchases from affecting ones account, however that doesn't mean that all forms of payment and banks will. Still want people who have had their Spotify accounts compromised and who have linked financial information to them to check their bank statements and watch out.