Spotify chiefs have warned users that the service has been hacked - with a group potentially gaining access to users' details including their email address, birth date, gender, postal code and billing receipt details.

 

In a Spotify blog they assured users that credit card details would not have been exposed, as they were stored by a third party, but urged anyone who had signed up to the service before December 19 last year, and had not changed their password since, to change their password to thwart the hackers.

 

The Spotify chiefs signed off by issuing an apology to their users. "We are really sorry about this and hope you accept our apologies," they wrote.

 

They added: "We're doubling our efforts to keep the systems secure in order to prevent anything like this from happening again."

 

http://www.nme.com/news/spotify/43228

Spotify user data compromised after service hacked

 

Spotify, the online music streaming service which allows users to listen to music on their computers, has been hit by hackers. Users of the service have been advised to change their passwords.

 

Spotify also warned that personal details, such as email addresses, birth dates and post codes may also have been exposed during the security breach. However, it said that because credit card details used for premium accounts were handled by a secure outside organisation, payment information was not at risk.

 

“Last week we were alerted to a group that managed to compromise our protocols,” writes Andres on the official Spotify blog. “After investigating we concluded that this group had gained access to information that could allow testing of a very large number of passwords, possibly finding the right one. The information was exposed due to a bug that we discovered and fixed on December 19, 2008. Until last week we were unaware that anyone had had access to our protocols to exploit it.

 

“If you have an account that was created on or before December 19, 2008, we strongly suggest that you change your password and strongly encourage you to change your passwords for any other services where you use the same password.”

 

Spotify, which has a million global users, allows people to listen to millions of songs online for free. Users can build their own playlists and share them with friends, and in exchange to free access to tracks, they have to listen to audio adverts every 20 minutes or so. People who want ad-free listening can pay 99p for 24 hours of access to ad-free music, or £9.99 for a month of access to ad-free listening.

 

The company apologised to its users for the security breach, and pledged to tighten its protective measures. “We are really sorry about this and hope you accept our apologies,” wrote the company on its blog. “We’re doubling our efforts to keep the systems secure in order to prevent anything like this from happening again.”

 

http://www.telegraph.co.uk/scienceandtechnology/technology/technologynews/4939614/Spotify-user-data-compromised-after-service-hacked.html