Spotify Reports Hack of Accounts, and since it’s one of the shining success stories on the web, it has grown to become one of the most popular music streaming services available. Spotify has also become a target for hackers.
Recently, researchers at VPNMentor discovered a database of more than 300,000 Spotify user names and passwords available for free on the Dark Web.
No information is available about how the report of Spotify hack accounts. Still, since it’s freely available, hackers of all stripes have been reporting regular use of it to try and force their way into user accounts. Sadly, it appears that a significant percentage of the records on the database contains working passwords.
There has been a low-level hum of complaints from Spotify’s massive Account user base concerning suspicious activity. Deletion of Playlists, new playlists appearing out of nowhere, but there’s never been any discernable pattern to these complaints. The recent report of the Dark Web database provides the missing puzzle piece and adds context to those complaints.
Somehow, even though Spotify has reported no recent hacks, many user records wound up on the Dark Web and are actively being used by hackers worldwide to cause mischief.
VPNMentor immediately notified Spotify about their discovery. The company took prompt action, forcing a password reset on any account found on the database, so if you recently logged into your Spotify account and you had to change your password, now you know the reason.
It was a good move and a safe move for Spotify to make, but there’s more to this story.
Two Factor Authentication
For more than a year now, Spotify’s users have been clamoring for two-factor authentication, and to date, the company has not seen fit to offer it. If the two-factor authentication had been available, hackers never would have been an issue.
Given Spotify’s track record of innovation and general responsiveness to its user base, the lack of 2FA stands out as a glaring black mark on what is otherwise an outstanding record. Here’s hoping the company remedies that soon. If you haven’t logged onto your Spotify account recently and need to change your password, hackers, database on the Dark Web is almost certainly why.