Data breach and warned users of its Android app to upgrade it in the wake of a potential data breach in their servers.
Spotify is a commercial music streaming service launched in October 2008 by Swedish start-up Spotify AB and is freely available for Android and iOS devices as well as for desktop computers with more than 40 million active users, out of which about 10 million users are its paid subscribers. It offers offline listening and ad-free playback are also available for Premium subscribers of the service.
The company announced that a hacker had allegedly broken into its systems and gained unauthorized access to the internal company data. So far only one of its users’ accounts has been accessed in the data breach, but the company believes that there is no harm to the financial information, payment details or password of the affected user.
"Our evidence shows that only one Spotify user's data has been accessed and this did not include any password, financial, or payment information,” Spotify chief technology officer Oskar Stal said in a blog post on Tuesday. “We have contacted this one individual. Based on our findings, we are not aware of any increased risk to users as a result of this incident."
The company takes the matters seriously and immediately launched an investigation. But they do not believe users are at any extended risk following the breach.
However, Stal said the company takes such matters very seriously, and as “general precautions,” Spotify will signed out some of their desktop, iOS, Android and Windows Phone apps users in the coming days and will ask them to log-in again by re-entering their username and password, just some extra steps to ensure its customers’ private data stays safe.
Spotify will release the updates this week and will also guide its Android users to upgrade the Android app. "Please note that offline playlists will have to be re-downloaded in the new version," Stål said. "We apologize for any inconvenience this causes, but hope you understand that this is a necessary precaution to safeguard the quality of our service and protect our users."
In their statements, Spotify has not given any details that how attackers were able to compromise the database, but the above Android app recommendation hints that users of Android app are likely at great risk, as there are possibilities that the data breach was caused because of a vulnerability in the Android app. Whereas, Spotify said, ‘no action recommended for iOS and Windows Phone users’ at this time.
The news comes after the latest eBay massive data breach that affected 145 million registered users across the world after the company’s database was compromised by the hackers.