Single Spotify account breached in bizarre compromise, Windows Phone user data reportedly safe

By Derek Kessler
published

Spotify today announced that their serves has suffered breach, providing somebody somewhere unauthorized access to their systems and "internal company data". But in a strange twist, Spotify's internal investigation into the matter turned up evidence of only one user's data having been accessed, and that data did not include anything you might consider sensitive (e.g. password or payment information). While the breach has prompted Spotify to advise Android users to update their app, they aren't recommending any action for iOS or Windows Phone users.

While the single account breach is a different twist in a day and age when a breach in a service's systems often leads to millions of accounts being compromised (hello, eBay), it's good to see Spotify being proactive and forthright about this breach. Though when you're talking about just one person, it's a bit easier to handle.

The update to the Android app will be pushed over Google Play or the Amazon Appstore, the only two sources from which Spotify is adamant you should install from. Judging by the wording of their release on the breach, we wouldn't be surprised if a maliciously-modified version of Spotify was uploaded to and downloaded from a different source, leading to this breach in the first place. The nature of Android makes it easier for something like this to happen, while the locked-down ecosystems of iOS and Windows Phone make such malicious activity harder to pull off.

Though there's an update for Android, Spotify will be prompting certain users on all platforms to re-enter their username and password, purely as a precaution. Data breaches are serious business, and require increasingly serious reactions from the service providers, no matter how bizarre the circumstances.

Does this breach change your opinion of Spotify?

Source: Spotify

Derek Kessler
Derek Kessler

Derek Kessler is Special Projects Manager for Mobile Nations. He's been writing about tech since 2009, has far more phones than is considered humane, still carries a torch for Palm, and got a Tesla because it was the biggest gadget he could find. You can follow him on Twitter at @derekakessler.

24 Comments
  • I think you meant "while the locked down ios and windows phone" not android...
  • :D
  • You are absolutely correct. Fixed, thanks.
  • Of course android users have to. :P
  • Shouldn't it be locked down ecosystems of Apple & Windows Phone?
  • Nope, ios not Apple :)
  • Why did you put a smiley face, to prevent backlash?
  • Because Spotify on WP is so bad, nobody uses it, therefore nobody on WP had their account breached.
  • It got a lot nicer in the last update but I'm already experiencing some minor bugs so yeah a fix for those bugs might be released around this years holiday season :P
  • I use it. a lot. so there.
  • Hahah. Yes. It still sucks on WP. Offline mode doesn't work well amongst other things...grr
  • "while locked-down ecosystem of (android) And windows phone make such malicious activity harder to pull off"
    In this sentences you meant (IOS) I think
  • while the locked-down ecosystem of Android and Windows Phone make such malicious activity harder to pull off.
      iOS and Windows Phone are locked down not android. cheers
  • For what I'm concerned, Android is locked out... :P
  • In case noone spotted it so far there is an error with the list of locked down operation systems /s
  • To answer the closing question of the article, no this does not change my opinion of Spotify. I still don't care for them at all.
  • may I ask why?
  • "Does this breach change your opinion of Spotify?" No. I still continue to believe they're shit.
  • Ditto
  • "Meh your windows phone app is so rubbbish nobody uses it, meh..." / "Meh, your locked-down phone, meh..." / "Meh, that's why your account didn't get hacked, meh"... Your app's bigger than my app, eh? Like your dad can beat up my dad? Like you could eat a bowl of your own faecal matter quicker than I could? Grow up, you pathetic saps.  I have a Spotify account that I use on my PC more than my (Windows) phone; does that make me any more or less susceptible to a hack? No it does not.  I can understand why children under the age of 10 might argue amongst themselves over who's got the best pair of trainers, but for you sad trolls who seek any opportunity to tell the world that you think what you own is better than what someone else owns because theirs is crap while yours is the bestest ever in the whole wide world, I have a little message for you; here goes:- "I hope that one day you realise there's a big world outside your bedroom and I hope one day you step outside, have a look around and maybe even lose your virginity...one day..." Turrah...  
  • all chinese phone is batter then nokia ..... there is no whatsapp... wt the hell is that..... It's such a shame on you (nokia)
  • you are an idiot, a troll and a spammer... you should know the facts without even talking and giving your stupid comments to WPCentral.
    You probably are those idiots android (or iphone) users who come and troll here, so what do you care if whatsapp is available or not today for the platform? I would advice you, you worry about your life, it seems you dont have one since you just come to spam the same stupid thing like if Whatsapp was the most used app everywhere.
  • just shutup..i m nokia user not andriod or iphone ..ok..i have nokia lumia 820. i reset my fone 2 week ago.. after then i m search whatsapp on nokia  window store but there is no whatsapp.. and i think i m waste my money to buy it.. and u think i m idiot, yes i m idiot bcoz  i buy a wrong phone and waste money
  • Spotify for WP badly needs an update. The functionality of the "black" update totally sucks.