The buttons of the music streaming app Spotify, surrounded by Podcasts, Apple Music, Facebook and other apps on the screen of an iPhone.
It’s huge, it’s a first: more than 300 million user accounts of the Spotify application have been found in a hacker server. However, it seems that these passwords and information are through hijacking and manipulation by users.
VPNMentor security researchers revealed that they got their hands on an open-access ElasticSearch server last July that hosted the data of more than 300 million Spotify users.These included user names, passwords, e-mail addresses and places of residence. In total, this data represented a volume of 72 GB.
VPNMentor was able to confirm that the credentials were true.Alerted by VPNMentor, Spotify, which has more than 320 million active users worldwide, said it had not been the victim of an intrusion.
This data therefore probably belonged to hackers who collected it through the back door.They come according to VPNMentor, taken over by 01net, probably from previous flights and have been compiled to specifically target Spotify users.
Such collection of login credentials is possible, because many Internet users reuse the same passwords on different services.The utility of such a base is multiple. It allows you to sell illicit access to Premium accounts. It also allows for phishing attacks. Spotify has since reset the passwords for all affected users.
COMMENTS