Spotify, the world’s most popular music streaming platform, suffered a cyberattack on the 2nd of December, at the hands of a hacker named Daniel. The latter is apparently a fan of artist Taylor Swift and a supporter of US President Donald Trump, and he made sure the entire Spotify community knew that about it.
That’s because he vandalized the pages of some of the world’s most prominent singers, replacing their biographies with messages about Swift and Trump. The artists include Dua Lipa, Lana Del Rey, Future, and Pop Smoke. Daniel posted the messages “Best of all shout out to my queen Taylor Swift,” and “Trump 2020” on their bios. He also replaced their photos with one of himself and urged people to follow him on Snapchat.
Spotify Security Issues
The security breach is a significant blow to Spotify, under fire recently over security concerns. The company did reverse the damage that Daniel caused and restored the artists’ pages, but not before several users took screenshots of the attack and uploaded them on Twitter.
It is still unclear how Daniel managed to break into the streaming platform’s systems, with the company tight-lipped about how the attack took place. Spotify has a special tool called Spotify for Artists that allows users to manage and edit band pages and biographies.
According to a report by ESET‘s WeLiveSecurity, there are up to 350,000 compromised Spotify accounts exposing users’ sensitive data. That includes usernames, email addresses, and passwords. However, the researchers said the incident did not originate from Spotify as the hacked database belonged to a third-party that used it to store login credentials.
“These credentials were most likely obtained illegally or potentially leaked from other sources that were repurposed for credential stuffing attacks against Spotify,” they explained. The report adds that the continuous successful data breaches are due to users’ weak passwords and sensitive-data sharing.
To minimize account hacking threats, you must create strong passwords for each account. You can test your password’s strength with a password meter or use a password generator to produce something secure. And to maximize online privacy and security, connect to a VPN service whenever you use the Internet. This tool encrypts your traffic, masks your IP address, and unblocks geo-restricted content.