Spotify Community

Are you actually serious?

Hey @Zeatrix.

Thanks for getting back to us.

We understand you are using an antivirus. We recommend however to update your antivirus to the newest build. Then run a full system scan en update the password to the email address associated with your Spotify account.

What you could consider next, is to create a new account. No worries, if you make sure your music collection is stored in public playlists, you can visit your old account with your new account and grab all your songs from there. You can visit your old account by putting the following string in the search bar:  spotify:user:username

Don't forget to replace username with your own username. Oh and by the way, If you want to use the same email address for your new account, you'll have to close your old account. You'll have 7 days to visit your old account and find your music there.

We hope you'd like to try this! It's a lot quicker than it might seem. Let us know if you have further questions.

Have a nice day.

I'm having the same problem. It seems odd that it occurred around the same time as you and also with Firefox Web Player. This can't be a coincedence, so I'm wondering if it's a bug in the system or even a virus affecting Spotify users. I hope the Spotify staff can recognize a pattern is happening here and discover the root cause of this problem.

Do you see any pattern in the music that's playing? I don't know if that may be relevant, but for some reason it generally sounds like minimalist ambient/noise when it switches on mine, and it's always an album instead of a single song or playlist.

But to clarify for Spotify staff, I start playing some music on my desktop Spotify on my MacBook Air using the most recent iOS. It will randomly switch to Web Player Firefox, which is not installed on my computer or any other device, with a completely different album that I've never seen, played, or queued. At first the audio is mute, but it will unmute once I switch it back to my device.

Hi Guido, thanks for the answer. I always have my Kaspersky Premium updated (for safety reasons I double checked). I did a full system scan as soon as I saw my account was compromised, and it found nothing. I reguraly change the email password associated with Spotify, it has 2FA enabled (why doesn't Spotify has this option?), and I often check if there's been any activity or login attempts on my account.

I don't know whether I'll open a new account. I recently resubcribed to your student offer on this account. Can I still use your student discount on a new account?

Hi LukeLorenc,

I'm also very much suspecting that this is an issue with Spotify and not us. I'm not the average computer-user (not that this makes me immune to breaches). I haven't heard the music the hacker is playing, but like you it seems like it's always an album.

Haha, well, if this is a breach in their security or a major bug, they should care. Otherwise, I heard Pandora is a pretty good music player...

Hey folks,

We appreciate your concerns. To be clear, Spotify has not been compromised and your data is secure. We take many precautions to make sure our users details are safe such as monitoring Pastebin and other sites regularly.

When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords.

We have some helpful suggestions on what to do if someone else manages to gain access to your account here. Also, our support team will be able to help out in any similar instances and assist you in securing your account so that you'll be able to start enjoying your music again as soon as possible. Feel free to reach out to them.

Let us know if there's anything else.

For the love of god please stop directing me/us to those sites. I don't know if you're denying what I say or simply don't read the post, but I've already followed those steps more than once.

It doesn't change anything.

Like I said, the person who's hacking my Spotify account doesn't try to change my password or take over my account in any way, he just uses my account. Changing password and signing out everywhere doesn't help. It's as if he's not affected by any of the steps I take (which is why we are suspecting that this an issue with Spotify, perhaps a weakness in your software).

I'm repeating myself now, but I already contacted your support team. He couldn't do anything other than what I already did myself (changing password and signing out everywhere).

I'd like to know what you mean with "when we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords." I have never been notified, nor is my computer affected by any forms of intrusions (I've triple-checked everything), and yet my account is still hacked. 

You say that you take many precautions, but where is 2FA? Literally every company that takes itself serious these days offers this option. Likewise, I suspect the hacker is from South America based on his music (definitely not Denmark). Why doesn't your system recognize suspecious activity, when someone's Spotify is being used exclusively in one geographical area, and then a few minutes later it's suddenly being used thousands miles away?

I'm sorry for the negative tone, but this is frustrating. My account hasn't been abused for a week now though, but I'm still far from certain that I've seen the end of this.

I've discovered some other problems
 
Although a completely different album is played, it's never been a playlist. At first, I thought this may not be a significant difference, but I suspect there's a reason why it's always an album. 
 
I looked at one of the albums that the hacker played, and it  seems it was also by an artist from South America, but could be from another Spanish-speaking country. This leads me to believe it's the same hacker affecting Zeatrix.
 
I've also spotted some unusual data about all of these artists. They generally have over 50,000 monthly listeners and over 25,000 listeners in Dallas, but very few followers. Many of the artist pages are not verified either. When going into the "Fans Also Like" pages, I see these same artists. Many of them are also signed up to the record label Spinnup; I'd say at least 70%. It's an "open" record label, meaning virtually anyone can pay a monthly fee to distribute music across various platforms.

 
This may make me sound crazy, but could this be some sort of viral marketing tactic? Spinnup seems to be targeting Spotify more than other platforms according to its website. Maybe they're trying to artificially boost listener numbers for their artists? 
 
To Jemi, I do appreciate your help and understand this may be a difficult issue, so I hope we can resolve this together.

This is happening to me too now. I also had the 2 other members of my Premium Family account kicked out. When I went to reinvite them, there was an invite pending to what looked like a spammy email address.

I can't reset or change my Spotify password. This is honestly embarassing.

This isn't an answer... this is a total lack of literacy.

"log out of everywhere" and change the password are NOT working.

Did you even read the O.P.??

This isn't a solution.  Stop re-directing legitimate problems to the same non-solution: "log out everywhere," and change password.

The other person using my account is using the devince "PS4 - 268"

I don't have a PS4, I'm not in to gaming, I'd never "like" the artists this other person is liking.

Why doesn't Spotify force an email verification before associating that email address with an account!?  I verified my email to post here, but not to use Spotify itself?!

I am not a robot.

Agreed!

No one is taking this seriously.

Spotify's authentication is totally absent.

"Logging out everywhere," and changing my password is not doing anything!

I am repeatedly kicked out of the use of Spotify by someone else on the devince "PS4 - 268".

At the very least, why is Spotify not sending verification of email address checks before allowing someone to use anyone else's email address?

Before you close your account, use this to help move your playlists over to your new account with minimal amount of stress and maximum comfortability.