This is most interesting. I was hacked yesterday. I was listening to Spotify at the time, so hacker didn't have chance to change password, although they did convert my Premium account to Family Premium, increasing my Spotify Premium Student Subscription from £4.99p/m to £14.99p/m and inviting one of their friends to the service (which I managed to cancel). Spotify Help chat basically told me they needed to close my account and that I'd have to re-apply for Premium Student, which is entirely unjust as my discount was due to run until March 2018, yet Spotify no longer accept NUS Extra Cardholders for student discount.
I can't see my username/email/password on the list though (password was Lastpass generated), which makes me wonder if there are more data dumps avialable or on the way?
The right folks are aware of this. Spotify can assure that their platform and user records are totally secure. Account takeovers usually happen because of a breach on another service. If you use the same password for several services, they all have the potential to be compromised if one has a security breach. That's why it might show up in these 'pastes'. Let me know if you have any other questions.
I understand your frustration. I recommend following these steps to keep your account secure. Also, I recommend adding your vote to this idea, if you'd like to see 2-FA on Spotify. Let me know if there's anything else.