In the last months, numerous IT companies suffered a major data breach, including Dropbox, LinkedIn, MySpace, VK.com, and Tumblr. The criminal underground is flooded by login credentials from the above services that offered for sales by hackers.
These credentials could be used by hackers to target other services online and take over users’accounts, this is possible because users’ bad habit to share same usernames and passwords among different web services.
In response to the amazing string of data breaches, the music streaming service Spotify decided to force a password reset for a number of users. The company clarified that the measure was taken in response to the incident occurred to other firms and are not related to any problem occurred in its systems.
“Hi Spotify User
To protect your Spotify account, we’ve reset your password. This is because we believe it may have been compromised during a leak on another service with which you use the same password.” states a message sent via email to its users on Wednesday reads.
“Don’t worry! This is purely a preventative security measure. Nobody has accessed your Spotify account, and your data is secure,”
Spotify allows users to easily create a new password by simply clicking on a link.
In April, hundreds of Spotify account credentials appeared online on the website Pastebin, the information includes emails, usernames, passwords, account type and other details.
The popular Swedish streaming service denied any data breach and confirmed that its systems weren’t compromised by hackers. The company confirmed that it “has not been hacked” and its “user records are secure.”
“Spotify has not been hacked and our user records are secure. We monitor Pastebin and other sites regularly. When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords.” states Spotify.
According to the Techcrunch media agency, the company security team proactively resets hacked passwords, meanwhile, a number of users are also reported problems with their accounts.
(Security Affairs – data breach, passwords)