Over 300,000 Spotify accounts may have been compromised through a credential stuffing attack this year, reports VPNMentor. They said that hackers were using a stolen database with over 300 million user records to breach Spotify accounts and resell their access for profits. Spotify has reset all such impacted accounts.
Breaching Over 300,000 Spotify Accounts
As we’re hearing more about the Spotify users complaining about new playlists, random users being added, etc, VPNMentor has come up with a fair exploration for that. As per its report, hackers have been using a database worth 300 million user records to breach Spotify accounts through the credential stuffing.
Credential Stuffing is a guessing technique made to access online accounts that have the same credentials as others. Users who use the same login details (username/password) for two or more online accounts will are subjected to these kinds of attacks, as hackers take a database of all possible credentials to try matching them against all such online accounts.
VPNMentor says hackers are trying this technique with a database in their hand having over 300 million user records in them, to breach Spotify accounts and resell them for profit.
This was informed to Spotify in July this year, which had replied the day as “In response to our inquiry, Spotify initiated a ‘rolling reset’ of passwords for all users affected. As a result, the information on the database would be voided and become useless.”
The reports say that hackers may have breached 300,000 to 350,000 Spotify accounts using the database, which may have obtained from past data breaches.
Though Spotify force reset all such impacted accounts, users are recommended to change their passwords to be stronger. After all, many are appealing to Spotify so long to set a multi-factor authentication for better security.
Other Trending News:- News