Spotify hacked? Users report strange behaviour on their accounts

If you're wondering when exactly you decided to add so much Justin Bieber to your favourite Spotify playlist, it might not have been you at all. A growing number of Spotify users from around the world are saying their accounts have been hacked, something the music streaming service adamantly denies.

A post dated April 23, 2016, on a website called Pastebin listed hundreds of Spotify credentials. It wasn't limited to login information — in addition to emails, usernames and passwords, the post included Spotify-specific information like account type (ie. premium or family), the country in which the account was created, and when the subscription auto-renews.

Spotify said in a statement that it "has not been hacked and our user records are secure."

However, users on the list told TechCrunch that, rather than just stealing their personal information in typical hacker fashion, strangers are actually utilizing their accounts. The alleged hacking victims report that people are listening to songs on their accounts and making changes to their playlists.

More worrying, some have found their account emails changed without their permission, making it impossible for them to access their accounts and difficult for them to cancel their subscriptions.

People who made the rookie mistake of using the same login information on multiple sites are dealing with a major headache. Several are reporting that as a result of the alleged Spotify breach, their Uber, Facebook, Skype and even online bank accounts have also been illicitly accessed.

Spotify says that when it finds users' credentials made public on the web, "we first verify that they are authentic, and if they are, we immediately notify affected individuals to change their passwords."

It is possible that the service is still going through this verification process.

In the meantime, there's always cassette tapes.


Share this post