Hundreds of thousands of Spotify users hacked in credential-stuffing incident

The company has reset the passwords for all affected accounts.

Public sources report that 300,000–350,000 Spotify accounts have been hacked by malefactors using credential-stuffing methods. The cybercriminals likely used a database of 380 million records compiled from various breaches of other resources to break in to users’ accounts. The database includes fields for e-mails and passwords, as well as one that identifies which credentials let one log in to the user’s Spotify account.

The company has reset passwords for all affected users as a countermeasure, thus making the database in question useless for malefactors.

What you can do:

  • Never reuse your password across services. Use a unique and strong password for every website and app with which you have an account.
  • If you use your Spotify password on any other services, change it everywhere.
  • Stay alert to possible phishing attacks; hackers may leverage the accessed personal information for scams.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Penelope Burns

Write | Blog | Create | Earn

Jamila's Blog

Believe in yourself!

Techster's Blog

Exploring the world of Intel NUCs

JG Technology Blog


Discover WordPress

A daily selection of the best content published on WordPress, collected for you by humans who love to read.

The Atavist Magazine

Imagine...Build...Succeed News

The latest news on and the WordPress community.

%d bloggers like this: