We know that our drumming on the importance of changing your passwords frequently can seem like overkill to many of our readers. However, to help prove the importance of this, we only have to look back to February when we were discussing reports of Premium Spotify accounts being shared on the Dark Web.
That story and advisory on passwords was just 67 days ago.
Today, there are reports of hundreds of account credentials being shared as a list on Pastebin – Talk about Déjà vu. This list includes users around the globe and lists out account type, email and login information. Currently, Spotify is denying that they have been breached and this list could also be from a previous data breach; so this is definitely a story that will be worth keeping an eye on.
— Kaspersky Lab (@kaspersky) February 19, 2016
With that said, TechCrunch spoke with some of the users who were compromised and a few noted that they were kicked out of their session in the middle of streaming music. However, if you are a Spotify customer, it would not be a bad idea to change your password.
Also, if you use the same email or password for other accounts, you should probably change those as well. The reasoning behind this is that with user credentials, hackers will try them on other sites to see what other access they can get. And sure in this case it may be “just music,” but think about what could happen should this data be tied to say — your bank account.
— Kaspersky Lab (@kaspersky) August 21, 2015