Spotify Gets Hit Again

Protection against credential stuffing isn’t something that a company like Spotify should struggle with, and suffering two credential stuffing incidents in one quarter shows a sloppy attitude toward security.

As many as 100,000 of the music streaming service’s customers could face account takeover.

Spotify has returned for another appearance with a credential stuffing disaster eerily similar. This time, data for approximately 100k users appeared in an Elasticsearch instance spotted by researchers. This is distinctly different data than the load that researchers discovered in November 2020.

No specifics were listed about the stolen data, but Spotify users should reset their account passwords and be on the lookout for spear phishing attempts.

“Spotify streaming music aficionados are in the crosshairs of yet another credential-stuffing cyberattack, just three months after the last one. The service has forced password resets for impacted users.

Cybercriminals carrying out credential-stuffing take advantage of people who reuse the same passwords across multiple online accounts. Attackers simply build automated scripts that systematically try stolen IDs and passwords (either gleaned from a breach of another company or website, or purchased online) against various types of accounts.”

Get In Touch

Share On Social Media

Other Recent Blog Articles

The Tariff Tango: How Import Taxes Can Impact Your Computer Gear

April 22, 2025

In today’s interconnected world, the price tag on your laptop, monitor, or even that trusty keyboard often reflects a global journey of components and assembly. But what happens when governments…

Read More

From Stumptown to Secure Town: Tech Protection for Portland Small Businesses

April 22, 2025

As a small business owner in the vibrant Portland metro area, you’re likely juggling a million things. From serving your customers to managing your team and keeping a close eye…

Read More

The Perils of Public Wi-Fi: Are You Browsing Dangerously? (And How a VPN Can Be Your Digital Shield)

April 18, 2025

That free Wi-Fi at the coffee shop, the airport, or even your hotel might seem like a convenient way to stay connected. But beneath that welcoming signal lies a potential…

Read More