Skip to main content

Spotify resets up to 350,000 passwords linked to third-party data leak

posted onNovember 25, 2020
by l33tdawg
Engadget
Credit: Engadget

Spotify has reportedly begun resetting the passwords of up to 350,000 accounts that were breached as the result of a credential-stuffing attack. A company called vpnMentor, as found by ZDNet, says that it discovered a treasure trove of hacked account data available online. This information was used by some nefarious types to gain access to the streaming music platform and generally cause havoc. ZDNet says that the company has now begun

Credential stuffing is the art of using data from one leak and using it to access otherwise secure accounts elsewhere. If you re-use your passwords, then if Site A is breached and hackers get hold of your email address and password, they can easily try them to access Site B. vpnMentor said that it found the cache of third-party data in July, and it notified Spotify on July 9th, at which point the streaming platform took action. It’s worth saying that Spotify itself was not breached, but that the login details were aggregated from other hacks.

As with all incidents of this type, it’s a good reminder to not re-use passwords, and make sure that you keep your passwords updated. If you don’t fancy doing that yourself, you can always avail yourself of a third-party password manager like LastPass, which also proactively warns you if your passwords show up in these sorts of databases. Spotify adds that users concerned about their privacy should head to a page with advice on how they can protect their account.

 

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th