According to reports, Spotify has begun resetting the passwords of user accounts that may have been compromised. Researchers discovered a fraudulent scheme, which may be a credential filling operation. An open database was discovered containing 380 million records, including login credentials and other user data related to Spotify. The affected accounts will have to reset their passwords. The research team’s report suspects that approximately 300,000 to 350,000 users have been affected by this type of hacker whose source and method are unknown.
According to a report released by the vpnMentor research team, Spotify’s goal is a possible credential filling operation, in which hackers use weak passwords. The research team discovered an open database containing 380 million records related to Spotify, including login credentials and other user data. In these records, it is suspected that approximately 300,000 to 350,000 users were affected. According to research, Spotify has initiated a “rolling reset” password for all affected users.
The database exceeds 72GB and is hosted on an insecure Elasticsearch server. At present, it is unclear where the database originated and how the fraudster targeted Spotify. It is possible that hackers stole login credentials from other platforms and tried to use them on Spotify.
The database was discovered on July 3 and was reviewed on July 9. Then Spotify was contacted, and action was taken between July 10 and July 21. On the Spotify account.
The study also mentioned that this is a common strategy used by hackers, and the company cannot do anything because it depends on the user’s password strength. Companies can help users regain control of accounts and promote safer password practices.
With more than 299 million monthly active users, Spotify is one of the most popular music and audio streaming services.
This is the best TV under Rs. 25,000? We discussed on the weekly technical podcast Orbital, you can subscribe via Apple Podcast, Google Podcast or RSS, download the episode, or click the play button below.