Spotify Hacked? Thousands Of Accounts’ Login Credentials Released By The Leak Boat
UPDATE: Monday, May 25 — In a statement to International Business Times regarding the alleged release of Spotify user account information by Leak Boat, Spotify said the company has not experienced a security breach and that its user records are secure.
"We do however pay attention to breaches of other services, and take steps to help our users secure their Spotify accounts when those occur, because many people use the same login and password combination for multiple services," Spotify said. "Therefore, we review sites such as Pastebin and others for leaked user credentials which might be used to access Spotify. Having become aware of such a security breach, Spotify's security team identified that some of the leaked user credentials might correspond to Spotify accounts. We take a proactive approach to security and have reset all of the relevant passwords and sent the customers an email asking them to create a new one."
UPDATE: 7 a.m. EDT — According to some other hackers and people familiar with such matters, the alleged Spotify hack is actually just a dump of reused passwords, and the lack of complex passwords in the list was mentioned as one of the proofs for the claim.
If true, and your account details are in that list, it is all the more reason for you to change your password to a complex, secure one. And you should do that not only on Spotify, but for all your online accounts.
Original story:
Late Monday night, a hacking group revealed the login credentials of thousands of Spotify accounts. In its announcement on Twitter, the Leak Boat said it was 9,000 accounts, but the page that listed all the account details had information of fewer than 6,500 Spotify subscribers.
The group, which has previously released hacked accounts from various websites, as well as private videos and photographs of several celebrities, posted the information on a publicly available website. To check the authenticity of the claim, the International Business Times tried a few randomly chosen username and password combinations, and they all gave access to the Spotify subscribers’ accounts.
To know if your account was among the 6,410 that are listed on this public page, head over to it and check for your username. If you find your login information on the page, and don’t want it compromised any further, we recommend you change your password immediately. And if you use the same login credentials, especially the same password, on any other websites, we recommend you change those too. Otherwise, you run the risk of having your other online accounts being compromised as well.
The Spotify users hacked Monday night are from all over the world.
International Business Times has reached out to Spotify for comment, but the music streaming service has yet to respond.
Following the Spotify leak, the Leak Boat also invoked recently ousted FBI Director James Comey, in a sarcastic bid to reassure anyone worried by its activities.
Members of the Leak Boat seem to have been busy Monday night. They also released a few login credentials for wizard101.com, a website to play a wizard game. The group said it was for kids to enjoy.
If you have an account on the website, you can check if you were compromised by checking for your login details on this page. If your account was hacked, you should consider changing your password not just on wizard101.com but on all other websites where you use the same password.
Shortly before leaking the Spotify accounts, the group, whose Twitter handle is @SecTeamSix_, said it was considering starting a “Lulzcalypse” — a reference to starting an apocalyptic storm of leaks, only for laughs, at least as seen from its point of view. In later tweets, the group referred to it as a “Leakocalypse,” presumably not finding it all so funny anymore.
But the very next tweet after the “Lulzocalypse” one from the group said it would release 10 more private videos and/or photographs of celebrities, if it reached 600 followers on the social media platform.
The group had 490 followers on Twitter at the time this story was written.
Update, 12:10 p.m. May 24: A site called AfterDawn says it has developed a tool to check if your Spotify account, password or email address has been leaked. "Our tool contains only the account names of the leaked accounts, so you can simply search for your Spotify account name to see if you were among those that were hit by the leak."
© Copyright IBTimes 2024. All rights reserved.