This time, hackers targeted the popular music streaming platform Spotify. Led by Noam Rotem and Ran Locar, vpnMentor’s research team has discovered a possible credential stuffing operation whose origins are unknown, but that affected some online users who also have Spotify accounts. According to preliminary determinations, 300 thousand accounts were hacked.
While the hacked database contains email addresses, passwords, and other user information, there is a total of 72 GB of Spotify user data. According to a report, most of the hacked accounts belong to the ‘premium’, that is, people registered in the paid subscription system.
Spotify officials suggested that after the hack, users change their passwords and not use the same passwords on other platforms.
“Working with Spotify, we confirmed that the database belonged to a group or individual using it to defraud Spotify and its users. We also helped the company isolate the issue and ensure its customers were safe from attack.” vpnMentor said in a statement.