Shortly after February 10th I recieved a notification that somebody had attempted to login to my Facebook. It was location blocked. At the time I hadn't thought much of it, changed my information and carried on. I generally used different passwords for my accounts but didn't for Spotify due to the fact that they were linked. Last night I recieved notice that my account email had been changed (the email was in arabic). Now suspicious I googled my email and found it with my password on a list of over 1000 spotify accounts. I contacted support and informed them of the list and reset my account. All of my passwords have now been changed.
I'm unfaithful however that Spotify will announce this security breach. I will not be linking to the list, but a lot of the passwords on it are complex passwords. I'm fairly certain it was an actual data breach and not a brute force attempt. As such, I'm urging the community to verify their accounts are safe.