Sunday, January 17, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Spotify launches ‘rolling reset’ on customer accounts, passwords linked to data leak

November 24, 2020
in Internet Security
Spotify launches ‘rolling reset’ on customer accounts, passwords linked to data leak
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Spotify has issued a rolling password reset of some user accounts following the discovery of an open database containing user credentials. 

This week, vpnMentor researchers Noam Rotem and Ran Locar made their findings public, in which an open Elasticsearch database was found during the firm’s web mapping project.

You might also like

DuckDuckGo surpasses 100 million daily search queries for the first time

Xayn introduces user-friendly and privacy-protecting web search

NSA warns against using DoH inside enterprise networks

The 72GB database contained over 380 million records, “including login credentials and other user data being validated against the Spotify service,” the team said. 

See also: Unsecured database exposes 85GB in security logs of major hotel chains

According to vpnMentor, the origins of the database are unknown, but it does not belong to the music streaming service itself. Instead, the third-party that created the database may have collated the records from other sources — such as stolen data dumps or another platform — for later use to hijack user accounts. 

“These credentials were most likely obtained illegally or potentially leaked from other sources that were repurposed for credential stuffing attacks against Spotify,” Rotem and Locar said. 

Some, but not all, Spotify users have been impacted. It is estimated that roughly 300,000 to 350,000 accounts were embroiled in the leak, in which email addresses, Personally Identifiable Information (PII), countries of residence, and login credentials — both usernames and passwords — were available to view. 

CNET: Best Android VPNs for 2020

The information was not encrypted. As a result, these records could be used to access and take over accounts, as well as perform credential-stuffing attacks should the password and email combinations be used on other platforms or to access other applications. 

However, it should be noted that the leaked data only relates to a tiny fraction of Spotify’s 299 million active monthly user base. 

vpnMentor discovered the database on July 3, and following a review, contacted Spotify on July 9. Between July 10 and July 21, the music streaming service initiated a rolling reset of passwords for the users identified in the database, ensuring the password and username combinations — at least on the Spotify platform — would become useless. 

TechRepublic: Study finds 31% of third-party vendors could cause significant damage to organizations if breached

ZDNet has reached out to Spotify and will update when we hear back. 

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Credit: Zdnet

Previous Post

Global AI/Machine Learning Market Size, Analytical Overview, Growth Factors, Demand, Trends and Forecast to 2025

Next Post

How to evaluate the Machine Learning models? — Part 4 | by RAVI SHEKHAR TIWARI | Nov, 2020

Related Posts

DuckDuckGo surpasses 100 million daily search queries for the first time
Internet Security

DuckDuckGo surpasses 100 million daily search queries for the first time

January 17, 2021
Xayn introduces user-friendly and privacy-protecting web search
Internet Security

Xayn introduces user-friendly and privacy-protecting web search

January 16, 2021
NSA warns against using DoH inside enterprise networks
Internet Security

NSA warns against using DoH inside enterprise networks

January 16, 2021
Joker’s Stash, the internet’s largest carding forum, is shutting down
Internet Security

Joker’s Stash, the internet’s largest carding forum, is shutting down

January 16, 2021
Iconic BugTraq security mailing list shuts down after 27 years
Internet Security

Iconic BugTraq security mailing list shuts down after 27 years

January 16, 2021
Next Post
How to evaluate the Machine Learning models? — Part 4 | by RAVI SHEKHAR TIWARI | Nov, 2020

How to evaluate the Machine Learning models? — Part 4 | by RAVI SHEKHAR TIWARI | Nov, 2020

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

DuckDuckGo surpasses 100 million daily search queries for the first time
Internet Security

DuckDuckGo surpasses 100 million daily search queries for the first time

January 17, 2021
Automated Data Science and Machine Learning Platforms Market Comprehensive Analysis, Share, Growth Forecast from 2020 to 2025
Machine Learning

Automated Data Science and Machine Learning Platforms Market Comprehensive Analysis, Share, Growth Forecast from 2020 to 2025

January 17, 2021
Xayn introduces user-friendly and privacy-protecting web search
Internet Security

Xayn introduces user-friendly and privacy-protecting web search

January 16, 2021
WhatsApp Delays Controversial ‘Data-Sharing’ Privacy Policy Update By 3 Months
Internet Privacy

WhatsApp Delays Controversial ‘Data-Sharing’ Privacy Policy Update By 3 Months

January 16, 2021
NSA warns against using DoH inside enterprise networks
Internet Security

NSA warns against using DoH inside enterprise networks

January 16, 2021
NSA Suggests Enterprises Use ‘Designated’ DNS-over-HTTPS’ Resolvers
Internet Privacy

NSA Suggests Enterprises Use ‘Designated’ DNS-over-HTTPS’ Resolvers

January 16, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • DuckDuckGo surpasses 100 million daily search queries for the first time January 17, 2021
  • Automated Data Science and Machine Learning Platforms Market Comprehensive Analysis, Share, Growth Forecast from 2020 to 2025 January 17, 2021
  • Xayn introduces user-friendly and privacy-protecting web search January 16, 2021
  • WhatsApp Delays Controversial ‘Data-Sharing’ Privacy Policy Update By 3 Months January 16, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates