We know that our drumming on the importance of changing your passwords frequently can seem like overkill to many of our readers. However, to help prove the importance of this, we only have to look back to February when we were discussing reports of Premium Spotify accounts being shared on the Dark Web.
That story and advisory on passwords was just 67 days ago.
Today, there are reports of hundreds of account credentials being shared as a list on Pastebin – Talk about Déjà vu. This list includes users around the globe and lists out account type, email and login information.
Currently, Spotify is denying that they have been breached and this list could also be from a previous data breach; so this is definitely a story that will be worth keeping an eye on.
Do you use #Spotify? You may want to check your password 100s of account published #darkweb https://t.co/h5qNYbfQ5c pic.twitter.com/gFxBqFzwlo
— Kaspersky (@kaspersky) February 19, 2016
With that said, TechCrunch spoke with some of the users who were compromised and a few noted that they were kicked out of their session in the middle of streaming music.
However, if you are a Spotify customer, it would not be a bad idea to change your password.
Also, if you use the same email or password for other accounts, you should probably change those as well. The reasoning behind this is that with user credentials, hackers will try them on other sites to see what other access they can get. And sure in this case it may be “just music,” but think about what could happen should this data be tied to say — your bank account.
How strong is your #password? Check it here: http://t.co/9ILaxq503k https://t.co/P9Pm0SGc4n #internet #security #infosec
— Kaspersky (@kaspersky) August 21, 2015
For a strong password, we advise following these tips from one of our GReAT researchers, David Emm. Also if you have trouble remembering a tough password, we advise that you use a password manager.