Sarah Perez reports:
A list containing hundreds of Spotify account credentials – including emails, usernames, passwords, account type and other details – has popped up on the website Pastebin, in what appears to be a possible security breach. After reaching out to a random sampling of the victims via email, we’ve confirmed that these users’ Spotify accounts were compromised only days ago. However, Spotify says that it “has not been hacked” and its “user records are secure.”
It’s unclear, then, where these particular account details were acquired, given that they are specific to Spotify, rather than a set of generic credentials that just happen to work on Spotify.
Read more on TechCrunch.
And yes, you may well be having a deja vu experience. In November, 2015, users claimed their login credentials had been compromised but Spotify denied any hack. And in February, 2016, we saw premium accounts from Spotify data dumped, but again, Spotify denied any hack. Their denials were not persuasive to some back then and likely won’t be again.