A list of Spotify accounts has appeared on the network, and from what the first reactions point, it seems that it is true.
The list appeared on Pastebin, a website that allows you to write and share plain text anonymously; It is one of the favorite websites for hackers and crackers to share compromised information.
In this case it is a list of hundreds of Spotify users, where we can clearly read their email address, their username and their password. It is unclear where it came from, but apparently the list is from real users.
What is in the Spotify account list that has been made public
It is important to note that the list is specifically for Spotify users only; It is not a list with user data that works on Spotify, but somehow it has been obtained with the certainty that all entries in the list are from users active on Spotify.The only thing that seems clear is that the attack, if any, occurred approximately on April 23.
In fact, in addition to the above data, each entry It also reveals the type of account (if it is free or if it is Premium), in addition to the country from which it is accessed and the date on which the Premium is renewed. So it’s all the data needed to steal the accounts, and that’s exactly what some of the users on the list are starting to suffer from.
Once the attacker has logged in to someone else’s Spotify account, it is easy to make it their own changing the associated email and password, and according to Techcrunch, this is what has happened to several users, who noticed that in the history of songs listened to, there were songs that they had never posted.
That at best, of course, because there are other users who were banned from their accounts and found that they could no longer log in. Fortunately, if we have suffered a similar attack, we can usually recover the account by contacting the Spotify support service.
The biggest mystery of this whole matter is the origin of this information. How is it possible that someone has obtained so many Spotify accounts, and only Spotify? The company has thrown balls outside, ensuring that it has not been hacked and that user data is secure; However, they also claim that they monitor sites like Pastebin looking for possible data from Spotify users, and that when they find them they notify users, something that has not happened according to those affected.
Although we will not link it, Spotify account list can be easily found in Pastebin, so probably all accounts have already been accessed by strangers.