News: 380 Million Records hacked in Spotify
News: 380 Million Records hacked in Spotify
The hackers targeted the Sweden-based Company Spotify this time with 380 Million Records hacked.
The music streaming platform is reportedly being hit by a “credential stuffing” attack. This could allow hackers to take over user accounts, disrupting playlists, and profiles, with around 380 million Spotify accounts at risk.
According to the news in Techradar, The exposed database belonged to a 3rd party that was using it to store Spotify login credentials. These credentials were most likely obtained illegally or potentially leaked from other sources that were repurposed for credential stuffing attacks against Spotify.
What Data is Leaked?
A lot of the database records contained information about potential Spotify users, such as their Personally Identifiable Information (PII) data and Spotify login credentials.
This included:
- Account usernames and passwords verified on Spotify
- Email addresses
- Countries of residence
Numerous server IP addresses are also exposed in the leak.
Consequences of the 380 Million Records hacked
The hackers could use the exposed database in many criminal schemes. Any of these parties could use the PII data exposed to identify Spotify users through their social media accounts.
With this information, criminals could pursue several activities to defraud and hack Spotify users.
Financial Loss
Hackers could use the exposed 380 Million Records hacked in Spotify to identify users across other platforms and social media accounts. With this information, they could build complex profiles of users worldwide. And target them for numerous forms of financial fraud and identity theft.
They could also use the stolen credentials to access a user’s account and take advantage of digital services paid for by the originally authenticated user (e.g., Spotify’s Premium service).
Advice from RCDevs
If you reused your Spotify password on any other accounts, change it immediately to protect them from hacking.
This is a common tactic used by cybercriminals to access private accounts on popular platforms like Spotify, and most online businesses.
The major reason behind this is the common use of weak passwords by so many consumers online. Companies cannot prevent this from occurring since they do not control the passwords that consumers use (and re-use) online.
You need to be alert while using the internet. We recommend using Multi-factor Authentication, just to make sure that you never have to face such data breach issues like Spotify users.
RCDevs, provide free Multi-Factor Authentication and many other products to have internet security and data breach free credentials for you. Contact the expert or Download for free Now!