Notification Center

This is our new notification center. Inside, you will find updates on the most important things happening right now.

Notifications

Hmm, push notifications seem to be disabled in your browser. You can enable them from the 'Settings' icon in the URL bar of your browser.

www.phonearena.com

Spotify resets 350,000 passwords after a data leak

0
Spotify resets 350,000 passwords after a data leak
Security researchers have found an unencrypted 72GB database online, containing more than 380 million passwords online, ZDNet reports. Noam Rotem and Ran Locar stumbled upon the database during a web mapping project. After investigating the situation the duo found out that the breach contains "login credentials and other user data being validated against the Spotify service."

The origins of the password records are unknown but Rotem and Locar think that the database was compiled from different sources, including stolen data dumps. The leaked data can be potentially used to hijack Spotify accounts that use the same passwords as other services - the attack is called “credential stuffing”.

"These credentials were most likely obtained illegally or potentially leaked from other sources that were repurposed for credential stuffing attacks against Spotify," Rotem and Locar said.

The issue was discovered back in the Summer and reported to Spotify promptly. The music streaming service then initiated a password reset to more than 350,000 accounts to mitigate the risk of accounts being compromised and/or hijacked. It seems that the issue is resolved by now without complications but such leaks remind us once again not to use the same passwords with different services on the web.

New reasons to get excited every week

Get the most important news, reviews and deals in mobile tech delivered straight to your inbox

FCC OKs Cingular\'s purchase of AT&T Wireless