Has Spotify been hacked? Despite their reports to the contrary, the usernames, passwords, emails, and other information of hundreds Spotify users has shown up on the website Pastebin. The accounts on the list are not limited to the United States; rather, it appears that users all over the world have been affected.
Spotify insists that they have not been hacked and that customer information remains secure. If this is the case, then where did this list originate? It is unclear. It could be a list of details that is just surfacing now but was obtained from an earlier incident. In late 2015, Spotify was hacked, and thousands of user accounts were compromised. They also reported an incident in mid 2014. TechCrunch reportedly contacted some of the victims and has received reports from some of those users that their accounts were breached as recently as last week. The post on Pastebin is dated April 23. One thing is for sure: the information on the leaked list is unique to Spotify. Subscription types and renewal dates are among the posted data.
Not only has the personal account information been revealed, but some Spotify users reported odd things happening to their playlists. One reported that songs have been appearing on their "recently played" lists that they have not listened to. Another reports that songs he has not saved have been added to his "saved songs" list. Others are reporting that they have been disconnected from the service or that their emails have been changed, and they are locked out of their accounts.
When TechCrunch reached out to Spotify, they received the following statement:
Spotify has not been hacked and our user records are secure. We monitor Pastebin and other sites regularly. When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords.
This could mean that the company is undergoing the process of authenticating credentials, which would take a little time. Despite Spotify's stance on the issue, the compelling evidence reported by users remains. One thing is sure: if you have a Spotify account, keep a close eye on the activity and change your password.