News reports report news of Spotify hack -- there seem to have been many users' account details leaked on Pastebin. But the Swedish streaming service says all is safe, rather implying it's users are the ones at fault.
A Spotify spokesperson claims it proactively resets hacked passwords, but it doesn't appear to have done so this time. Users are also reporting problems working with Spotify to get back into their accounts.
What's going on? In IT Blogwatch, bloggers try to get to the bottom of it. Not to mention: David Gilmour's tribute to Prince…
Your humble blogwatcher curated these bloggy bits for your entertainment. Are you not entertained?
What’s the craic? Sarah Perez talks to some angry Spotify users—Hundreds of Spotify credentials appear online:
One said he found songs added to his saved songs list that he hadn’t added. Another [said] “I saw ‘recently played’ songs that I’d never listened to.” ... Others said they were kicked out [and] their account email had been changed. ... One victim told us, “I noticed it last night when I...saw someone was using my account somewhere else.”
“I had to reach out to Spotify first” [another] said. “They’ve not been helpful.” ... “I’m jumping through hoops,”...another told us.
This seems to contradict the statement a Spotify spokesperson provided: ... “Spotify has not been hacked. ... We monitor Pastebin and other sites [and] immediately notify affected users.”
What a to-do. But what to do? Robert Pleasant lives up to his name, in Spotify denies hack:
Victims are working with Spotify...to regain their account access. But they were not contacted...nor were their passwords proactively reset.
If you are a Spotify user [whose] information was included...change your password. ... If the passwords of any other websites that use the same...information that can be connected to your Spotify account...change those too. ... Those with paid accounts should set up credit monitoring immediately.
Déjà vu, anyone? With a slightly cynical story, here's Dissent:
In November...users claimed their...credentials had been compromised but Spotify denied any hack. And in February...we saw premium accounts...dumped, but again, Spotify denied. [These] denials were not persuasive...back then and likely won’t be again.
Spotify probably wasn't hacked. Or so says james_72:
You can buy [Spotify credentials] online for $1...along with Netflix, Hulu, and everything else. There's no hacking involved. It's idiot users clicking on phishing links.
Meanwhile, who gets the award for "most hyberbolic headline"? Joe White does—Spotify Faces Security Meltdown as Countless Account Details Appear:
In a strange and disturbing move...hundreds of Spotify account details...has appeared online. ... Spotify is claiming that...its “user records are secure.”
The inclusion of Spotify...details, like subscription plans, [show they] are definitely the music service's...credentials. ... Spotify apparently hasn't reached out to victims, but...this contradicts the service's only public statement.
David Gilmour - Comfortably Numb (featuring Purple Rain)
[it may look like a bootleg, but it's on Gilmour's official channel, AFAICS]
You have been reading IT Blogwatch by Richi Jennings, who curates the best bloggy bits, finest forums, and weirdest websites… so you don’t have to. Catch the key commentary from around the Web every morning. Hatemail may be directed to @RiCHi or firstname.lastname@example.org.
Opinions expressed may not represent those of Computerworld. Ask your doctor before reading. Your mileage may vary. E&OE.