CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
March 6th, 2009

Online Music Service Spotify.com Breached By Hackers

Online music service Spotify has revealed that thousands of users’ personal details may have been stolen by hackers. The service allows registered users instant access to a huge catalog of music, picking any track they choose to stream directly over the internet to their computer. The company serves more than a million users across Europe, with an estimated 250,000 in the UK alone.

According to an announcement by the service, a group of computer criminals found a loophole in the program that gave them access to some users’ passwords. Although the passwords are encrypted, Spotify confirmed that they were still potentially vulnerable to a so-called “brute force” attack to try and guess them.

“Along with passwords, registration information such as your email address, birth date, gender, postal code and billing receipt details were potentially exposed,” the company said. “Credit card numbers are not stored by us and were not at risk.”

It said that the bug in the system was spotted and fixed shortly before Christmas, meaning that only users who signed up before December 19 could be affected. It is not clear how many people were using the service at that time, since Spotify was still an invitation-only service and has grown more rapidly in the subsequent months.

No comments were made by the company regarding the breach.

Credit: Guardian.co.uk

Share this item with others:

More on CyberInsecure:
  • Spotify.com Software Hit By Malicious Third-party Advertisements, Around 9 Million Users Affected
  • DivShare Online Storage Breached, Basic Members Data Accessed By Hacker
  • University Of Massachusetts Amherst’s Health Services Network Breached By Hackers
  • LUSH Websites In Australia And New Zealand Breached, Hackers Stole Customers Billing Details
  • HEI Hotels & Resorts Point-of-Sale Systems Breached, Credit Card Data Stolen

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Online Music Service Spotify.com Breached By Hackers

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
    Click to hear an audio file of the anti-spam word