+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Spotify is making users change their passwords because other companies keep getting hacked

Sep 1, 2016, 19:27 IST

Daniel Ek, Founder and CEO, Spotify speaks onstage at Spotify Press Announcement on May 20, 2015 in New York City.Michael Loccisano/Getty Images for Spotify

Spotify is making some users reset their passwords - because other websites keep getting hacked.

Advertisement

The music streaming service recently sent out an email to some users prompting them to change their passwords "to protect your Spotify account." Why? "Because we believe it may have been compromised during a leak on another service with which you use the same password."

The reset was first reported by Motherboard, and you can see the complete email below.

Basically, Spotify has not been hacked. (That it knows of.)

But, because lots of people re-use passwords across multiple sites and services, if one of those other services is successfully hacked and user details are compromised, then hackers can use these login details to gain illicit access to accounts on other sites - like Spotify.

Advertisement

There have been numerous huge data breaches in the news recently, often dating from years ago, and affecting tens of millions of users - including LinkedIn, Tumblr, and MySpace.

So to protect its users, Spotify is forcing those whose details were exposed in some of these previous breaches to change their passwords.

"Spotify has not experienced a security breach and our user records are secure," a spokesperson said in an emailed statement.

"We do however pay attention to breaches of other services, and take steps to help our users secure their Spotify accounts when those occur, because many people use the same login and password combination for multiple services. Therefore, when we hear that another online service has been hacked, Spotify's security team will review sites (such as Pastebin and others) for leaked user credentials which might be used to access Spotify."

Spotify isn't identifying which particular breach has prompted this reset, saying only that "having become aware of such a security breach, Spotify's security team identified that some of the leaked user credentials might correspond to Spotify accounts. As Spotify chooses to take a proactive approach to security, we have therefore reset all of the relevant passwords and sent the customers an email asking them to create a new one."

Advertisement

In its emails to affected users, Spotify reassures them: "Don't worry! This is purely a preventative security measure. Nobody has accessed your Spotify account, and your data is secure."

Security experts recommend that you should never reuse passwords - instead using a unique, strong password for each website or service you have an account with, and saving them with a password manager if necessary.

Here's the email Spotify is sending users:

BI

NOW WATCH: The iPhone 7 is hitting stores on September 23 - here's what you're getting

Please enable Javascript to watch this video
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article