Hundreds of Spotify premium accounts have ended up online, complete with details: username, password, account type, email addresses and other information. However, the Swedish streaming company denied that there has been a security breach and user information is secure and intact.
It is not clear yet If this is a new incident with the company or the result of a previous hacking that happened before. In order to check if the accounts are real or simply bogus accounts, TechCrunch decided to get in touch with Spotify members via the email addresses that were found online. Several replied back to their query, confirming that they are members. The list also shows that it is not only specific to U.S.-based accounts, members from other parts of the world were also on the list.
The report also added that they have reached out to Spotify to give light to the matter, with the company denying any security breach.
"Spotify has not been hacked and our user records are secure. We monitor Pastebin and other sites regularly. When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords," the Sweden-based company's official reply to the query says.
However, the email respondents also said more. They have experienced that unusual things had happened to their accounts before the online magazine contacted them. Songs have been added to their saved song list and they are 100 percent sure that they did not add the song. Another member noticed "recently played" audio tracks which are unfamiliar, prompting the member to change the Spotify password immediately and to log out all devices.
The list was posted on April 23, but email respondents mentioned that they have noticed unusual things with their streaming accounts days before the they were contacted by the publication.
It is also worth noting that many users use the same password on several websites, thus, their Facebook, Skype, Uber and even bank accounts have been tampered.
Online security experts have been reminding internet users for quite a time already that each online account must have a different password for such issues similar to this recent Spotify security breach.
Spotify hasn't issued any official statement aside from what TechCrunch has received.
