Spotify denies hack of user accounts

Spotify on Monday pushed back against reports of a possible data breach, insisting it had not been infiltrated by hackers.

“Spotify has not been hacked and our user records are secure,” the music streaming giant said in a statement.


The remarks came in response to a report from news site TechCrunch, which said it had confirmed that numerous Spotify users had their accounts compromised within the last few days.

TechCrunch started looking into a possible leak after coming across a list of hundreds of Spotify account credentials on the text-sharing site Pastebin.

Several of the users whose account credentials — including emails, account types, usernames and passwords —  were posted told TechCrunch that they had been locked out of Spotify or had noticed unknown third parties using their account.

Spotify said it is constantly monitoring Pastebin for leaks of Spotify user information.

“When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords,” the company said.

Spotify has had to combat security incidents in the past.

In 2014, the company alerted customers to a digital intrusion that led to security upgrades. Then, in November of last year, over one thousand email addresses and passwords were leaked.

Spotify claimed those compromised details were actually tied to “a well known past leak on another service,” and unrelated to a hack of the company’s networks.

"Our user records are secure," the company said at the time.