Security breach in Spotify premium accounts

Reply

Re: Security breach in Spotify premium accounts

Jannis9494
Newbie

Exactly the same thing happened to me.

 

I was also alerted by haveibeenpwned today.

All the hacked contacts were spotigy premium members.

 

This is outrageous and I will take this up with my press connections,

 

Kind regards

 

Cfr link

https://pastebin.com/HUdMa8Rx

Re: Security breach in Spotify premium accounts

Rock Star 22
Rock Star 22

Hey @Jannis9494@matthewmotamedi@Vicctc@Cota@Jannis9494.

 

I understand how you guys feel about your accounts being part of a security breach. Spotify can assure you, as mentioned in this support article stating: 'We can assure you that our platform and user records are totally secure. Account takeovers usually happen because of a breach on another service. If you use the same password for several services, they all have the potential to be compromised if one has a security breach'. 

 

I'd recommend checking out this guide for some more steps on protecting your account so that only you have access to it.

 

I hope this helps! If you need help with anything else, feel free to start a new thread and the community will be happy to help :) 

Billy-JRock Star 22
Help others find this answer and click "Accept as Solution".
If you appreciate my answer, maybe give me a Like.
Note: I'm not a Spotify employee.

Re: Security breach in Spotify premium accounts

Insane666
Newbie

This week someone also logged into my account, changed password and all of my playlists! I was mad because i've been working on my playlist for ages haha. But isn't there like an 2auth stuff? So your account is more protected.

Re: Security breach in Spotify premium accounts

G_Loc
Gig Goer

@matthewmotamedi - My account was compromised as well.  Was listening to Spotify on my laptop this morning when I got notification that my music was playing on some device that I do not own.  HaveIBeenPwned indicated that my e-mail address was found in a 3 day old pastebin (removed already) which contained 366 other e-mail addresses.  I was able to find a hacking forum which listed the raw contents of the pastebin and sure enough, my Spotify credentials are listed.

 

Since it wasn't the same one you listed, I wonder if they've compromised thousands of accounts and are only releasing the login credentials little by little so that they don't arouse suspicion?

Re: Security breach in Spotify premium accounts

anecdote_queen
Casual Listener

Hi

And me. 

Got an email in French saying my account email and password had been changed. Had to reset my account. then this week I get a notification from "have i been pwned" saying that my spotify account details have been posted in a pastebin, as with the other users on this thread. 

I am frustrated by Spotify's lack of announcement on this, and lack of apology or information on what happened.

Surely sign in security could be increased if there is a known issue going back months as on this thread. just add a step to get email address and password address change verified via users email. 

I have logged  a support chat asking for full explanation of how my data was lost. 

Sarah

 

Re: Security breach in Spotify premium accounts

kirps
Casual Listener

Same here.  I was trying to listen to music when only the free option was only available to me. I have a family premium account. When I logged in I can see my wifes names was listed twice. One with her email address and the other with zasad89@**bleep**.com. Reset all my passwords and all user accounts passwords.

 

2 days later which is today I have got another bogus account wiht my name and the email address was elafifaco-7792@**bleep**.com. 

 

Both accounts were **bleep**.com.  Been throguh the spotify support chat where the guys just reset my password again which I did 2 days ago and hope for the best. 

Highlighted

Re: Security breach in Spotify premium accounts

kirps
Casual Listener

Why is yop mail  beeing **bleep**

 

I think Spotify have been hacked and trying to keep it quite.  That email address is nortoriuos for people hacked as when I googled it SOny was hacked with this email host.

Re: Security breach in Spotify premium accounts

jono_83
Newbie

My premium got hijacked late August/early September! I knew things were weird (where the f*** are these playlists coming from?!) but didn't realize what was happening until October 2 when they changed switched me to a family plan! Spotify's customer service handled it totally great when I called, and I appreciate that.  I was baffled at the time as to how it happened BUT THEN THIS WEEK I google my email to see what comes up and in the first two pages was a dump of spotify usernames and passwords!! There was my email and my password, in plain text! The page isn't even sneaky about what it is! It's a whole bunch of spotify logins! If there was a breach and they said nothind that's pretty shitty.

Re: Security breach in Spotify premium accounts

user-removed
Not applicable

Spotofy is in breach of the General Data Protection Act by not taking steps to notified those concered of the hack.

 

Article 34(1) states:


The GDPR states that communication of a breach to individuals should be made without undue delay,” which means as soon as possible. The main objective of notification to individuals is to provide specific information about steps they should take to protect themselves.




Re: Security breach in Spotify premium accounts

anecdote_queen
Casual Listener

I have now also googled my email address and all my spotify account details are there including my date of birth and password in plain text. 

I have now spent the whole weekend using last pass to start to change all my passwords... 

SUGGESTED POSTS