Hackers have been attempting to gain access to Spotify accounts using a database of 380 million records with login credentials and personal information collected from various sources.
Users have expressed concern that their Spotify accounts were compromised after changing their passwords, when new playlists appeared in their profiles, or when strangers from other countries were added to their family accounts.
A recent study describing the active hacking of Spotify accounts using a database of over 380 million records, including login information, may shed some light on these account hacks.
TPRM report: https://scoringcyber.rankiteo.com/company/spotify
"id": "spo14929523",
"linkid": "spotify",
"type": "Data Leak",
"date": "11/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Music Streaming',
                        'name': 'Spotify',
                        'type': 'Company'}],
 'attack_vector': 'Credential Stuffing',
 'data_breach': {'number_of_records_exposed': 380000000,
                 'type_of_data_compromised': ['Login Credentials',
                                              'Personal Information']},
 'description': 'Hackers have been attempting to gain access to Spotify '
                'accounts using a database of 380 million records with login '
                'credentials and personal information collected from various '
                'sources. Users have expressed concern that their Spotify '
                'accounts were compromised after changing their passwords, '
                'when new playlists appeared in their profiles, or when '
                'strangers from other countries were added to their family '
                'accounts. A recent study describing the active hacking of '
                'Spotify accounts using a database of over 380 million '
                'records, including login information, may shed some light on '
                'these account hacks.',
 'impact': {'customer_complaints': 'Users expressed concern about account '
                                   'compromises',
            'data_compromised': ['Login Credentials', 'Personal Information']},
 'initial_access_broker': {'entry_point': 'Credential Stuffing'},
 'motivation': ['Unauthorized Access', 'Personal Information Theft'],
 'title': 'Attempted Unauthorized Access to Spotify Accounts',
 'type': 'Account Compromise',
 'vulnerability_exploited': 'Weak or Reused Passwords'}