2 min read

Spotify warns of unauthorized access to its systems, after Android user hacked

Graham CLULEY

May 27, 2014

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Spotify warns of unauthorized access to its systems, after Android user hacked

Whenever a company publishes a blog post called something like “Important notice to our users” you should know to sit up and listen. Chances are, it’s serious and might involve the site’s security and your privacy.

That’s exactly the kind of article which has been published on Spotify’s blog today by the music streaming service’s CTO Oskar StÃ¥l:

Part of the message read:

We’ve become aware of some unauthorized access to our systems and internal company data and we wanted to let you know the steps we’re taking in response. As soon as we were aware of this issue we immediately launched an investigation. Information security and data protection are of great importance to us at Spotify and that is why I’m posting today.

Our evidence shows that only one Spotify user’s data has been accessed and this did not include any password, financial or payment information. We have contacted this one individual. Based on our findings, we are not aware of any increased risk to users as a result of this incident.

We take these matters very seriously and as a general precaution will be asking certain Spotify users to re-enter their username and password to log in over the coming days.

Sounds like we can all breath a sigh of relief that passwords, and financial information wasn’t exposed as a result of the hack. But I would feel somewhat more comforted if Spotify showed greater openness revealing what had been accessed (even if it was just one user impacted), rather than simply detailing what had not.

It appears that the blame is being pointed firmly in the direction of the service’s Android app:

As an extra safety step, we are going to guide Android app users to upgrade over the next few days. If Spotify prompts you for an upgrade, please follow the instructions. As always, Spotify does not recommend installing Android applications from anywhere other than Google Play, Amazon Appstore or https://m.spotify.com/. At this time there is no action recommended for iOS and Windows Phone users.

At the time of writing, there are no recommended iOS and Windows Phone Spotify users.

Some big questions remain.

Was there a problem with Spotify’s Android app? Did it help a hacker gain access to a Spotify user’s account? Could other Spotify customers using the company’s Android app have had their accounts put at risk because of a vulnerability?

One hopes that Spotify might share more information once it has pushed out a new version of its Android app, and plugged any remaining security vulnerabilities.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read