Spotify Starts ‘Rolling Reset’ of User Passwords Found Victim to Possible Credential Stuffing Operation

Spotify reportedly see over 299 million active monthly users and is one of the most popular music streaming services.

Advertisement
By Vineet Washington | Updated: 25 November 2020 15:36 IST
Highlights
  • Spotify starts resetting passwords after an open database was discovered
  • This database contained 72GB of user information
  • Around 300,000 to 350,000 Spotify users may have been affected
Spotify Starts ‘Rolling Reset’ of User Passwords Found Victim to Possible Credential Stuffing Operation

Spotify and vpnMentor believe hackers obtained details from other platforms

Spotify has reportedly started resetting passwords for user accounts that may have been compromised. Researchers found a fraud scheme that could have been a credential stuffing operation. An open database containing more than 380 million records, including login credentials and other user data associated to Spotify was found, and the affected accounts are going to have their passwords reset. The report by the research team suspects around 300,000 to 350,000 users may have been affected by this hack of unknown origin and method.

As per the report published by the research team at vpnMentor, Spotify was targeted in a possible credential stuffing operation where hackers take advantage of weak passwords. The research team found an open database of over 380 million records associated to Spotify that included login credentials and other user data. Out of these records, around 300,000 to 350,000 users are suspected to be affected and as per the research, Spotify has initiated a ‘rolling reset' of passwords for all users affected.

The database was over 72GB and was hosted on an unsecured Elasticsearch server. For now, the origin of the database and how the fraudsters were targeting Spotify are unknown. It is possible that the hackers stole login credentials from other platforms and tried to use them on Spotify.

The database was discovered on July 3 and reviewed on July 9. Spotify was then contacted and action was taken between July 10 and July 21. Initial findings were reported to Spotify and it was found that login credentials were probably obtained from an external site and used on Spotify accounts.

Advertisement

The research also mentions that this is a common tactic used by hackers and companies cannot do anything as it depends on a user's password strength. Companies can help users regain control of their accounts and promote safer password practices.

Spotify has over 299 million active monthly users and is one of the most popular music and audio streaming services.

Advertisement

Which is the best TV under Rs. 25,000? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

 

Affiliate links may be automatically generated - see our ethics statement for details.
 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Spotify, vpnMentor, Credential stuffing operation
D-Link May Start a New Production Unit in India: Report
Motorola ‘Nio’ Said to Be in the Works With a 105Hz Refresh Rate
Advertisement

Related Stories

Tech News in Hindi »

More Technology News in Hindi »
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Lava Bold N1, Lava Bold N1 Pro India Pricing, Specifications Teased
  2. Infinix GT 30 Pro 5G India Launch Date, Colours, Key Features Confirmed
  3. Honor 400 Series With 200-Megapixel Main Camera Debuts
  4. Samsung Tri-Fold Smartphone Price Leaked, Might Launch in Q3 2025
  5. Noise Buds F1 With Up to 50-Hour Playback Time Debuts at This Price Tag
  6. Vijay Sales Apple Days Sale Brings Discounts on These iPhone, Mac Models
  7. Xiaomi Pad 7 Ultra With XRING 01 SoC and 12,000mAh Battery Launched
  8. Xiaomi Civi 5 Pro With Snapdragon 8s Gen 4 SoC, 6,00mAh Battery Launched
  9. Samsung Galaxy A26 Review
  10. Oppo A5x 5G With 6,000mAh Battery Launched in India: Price, Specifications
#Latest Stories
  1. Trump Threatens 25 Percent Tariffs on Apple If iPhones Not Made in US
  2. iPhone 16 Pro Max, iPhone 15, MacBook Air (M4) and More Get Discounts During Vijay Sales Apple Days Sale
  3. Anthropic CEO Dario Amodei Says AI Models Hallucinate Less Than Humans: Report
  4. UK Government Updates Crypto Reporting Guidelines, Mandates Collection of Crypto Transaction Data
  5. Acer Swift Neo WIth Intel Core Ultra 5, Up to 32GB RAM Launched in India: Price, Specifications
  6. Elden Ring Film Adaptation in the Works at A24 With Alex Garland Set to Direct
  7. Noise Buds F1 TWS Earbuds With IPX5 Rating, Up to 50-Hour Total Playback Time Launched in India
  8. News Media Alliance Issues Statement on Google’s AI Mode, Calls It ‘Definition of Theft’
  9. Honor Pad 10 With Snapdragon 7 Gen 3 SoC, 10,100mAh Battery Launched: Price, Specifications
  10. Lava Bold N1, Lava Bold N1 Pro India Launch Teased; Pricing, Specifications Revealed
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.