Thousands of Spotify users just learned the hard way why you shouldn’t reuse passwords.
Cybersecurity company VPNMentor has discovered an improperly-secured database containing email addresses, passwords, account names, and other personal information for thousands of Spotify accounts. Hackers compiled this data with help from other leaks, or via credential stuffing, rather than directly attacking Spotify itself; this mining operation nevertheless allowed them to successfully break into over 300,000 accounts.
In response to the leak, Spotify issued forced password resets to the 300,000 affected accounts back in July, but not everyone followed through. If you haven’t signed into Spotify in a while, it’s probably worth updating your password right now. So is turning on two-factor authentication and installing an encrypted password manager.
Don’t assume you’re safe if Spotify hasn’t made you reset your password yet, however: According to VPNMentor, the database is still actively used by hackers, so further attacks are possible. There are likely a lot more Spotify users who use the same email, username, and password on multiple apps or websites, and even more who use easily-accessible information as their passwords—stuff like their street address, name, birthdate, etc. Those details can also be compromised by data leaks, or with a little social engineering.
If a hacker got in, they could take over your Spotify account for themselves and siphon off your personal information for use elsewhere. This is even more problematic for Spotify users who log in using their Facebook, Google, or Apple accounts, since they store so much personal information and link up with dozens of other apps.
Take this as a canary-in-the-coal-mine situation and update your Spotify password to something stronger. It’s also important to routinely perform password checkups, and to check your accounts using HaveIBeenPwned. Many password managers include built-in password health checks as well.
Lastly, turn on two-factor authentication (2FA). I know, adding an extra login step is annoying, but it’s worth it. Even unique, hard-to-guess passwords securely stored in password managers can be compromised by data leaks, and 2FA can prevent and/or alert you of attempted account break-ins.
[TechRadar]
One of Zoom’s best features is finally available in Google Meet: Virtual backgrounds. For now, you’ll only get it if you’re using Google Meet via a de
Google is testing a new Read Later feature that lets users save articles and other links they come across and want to, well, read later. Saved links a
As you’re hunkered down for the second winter in a row, you may be running out of things to keep yourself occupied. You’ve watched all the shows, done
Whether the loophole lasts a day, month, or forever, a new “Facebook Email Search” program again shows why you might not want to use your regular emai
The public beta for iOS 15 and iPadOS 15 starts sometime in July, but users can get their hands on Apple’s new mobile operating systems even earlier b
Listen, we’re not here to judge or ask questions. You need to clear your recent browsing history—and fast. Lucky for you, we can help. Whether you use
With every new data breach or controversy that comes out of the Facebook corporation, you may consider anew simply deleting your account and all your
macOS Monterey might seem like nothing but a minor, iterative OS release. On the surface, its biggest new features—SharePlay, Focus, Shortcuts—are all
We are a comprehensive and trusted information platform dedicated to delivering high-quality content across a wide range of topics, including society, technology, business, health, culture, and entertainment.
From breaking news to in-depth reports, we adhere to the principles of accuracy and diverse perspectives, helping readers find clarity and reliability in today’s fast-paced information landscape.
Our goal is to be a dependable source of knowledge for every reader—making information not only accessible but truly trustworthy. Looking ahead, we will continue to enhance our content and services, connecting the world and delivering value.
