A single Spotify user has become the victim of a security breach, the company said on Tuesday.
In a blog post, Spotify said it learned of “some unauthorized access to our systems and internal company data.” However, Spotify said the attacker accessed only one user’s data, and doesn’t appear to have taken any password, financial, or payment information from that user
“We have contacted this one individual,” Spotify said. “Based on our findings, we are not aware of any increased risk to users as a result of this incident.”
Still, Spotify is asking all Android users to download a software update “as a precautionary measure against any potential ongoing risk.” In the coming days, the app will prompt all users to install the update, and may ask some users to re-login to the service. Spotify says users should be wary not to install updates from outside the Google Play Store, the Amazon Appstore or m.spotify.com.
Unfortunately, this update will delete all offline playlists. Spotify says this a necessary step to safeguard its service and users, but didn’t get into details. Users of iOS and Windows Phone appear to be in the clear.
It’s unclear what prompted the attack and whether it was specifically targeted at the one affected user, and Spotify doesn’t seem eager to explain. In this case, Spotify isn’t even suggesting that all users change their passwords. So for now, this is nothing more than a bizarre incident, one that stands out from the all–too–common hack and password reset we so often go through.
Spotify has an estimated 100,000 users in Ireland.
Ronan Murphy, CEO of IT security company Smarttech.ie, said: “This type of attack, coming so soon after the eBay breach, is yet further proof that companies need to take broad steps to ensure their users’ information is safe. As experts in cyber security we advise first of all, users to regularly change their passwords and secondly, companies to take action and invest in more advanced network security systems.
“Repeatedly we see evidence that points to the fact that Web users in Ireland and indeed globally, are using the same password for multiple web accounts and websites. The massive security weakness in this approach, means that Web users are susceptible to attack on their accounts, perhaps in an unsuspecting manner,” said Ronan Murphy CEO of Smarttech.ie
“Given the number of users Spotify and eBay have both here in Ireland and across the world, it should serve as a reminder that we can all play out part when it comes to our online and data security.”
TechHive with additional reporting by TechCentral
Subscribers 0
Fans 0
Followers 0
Followers