Several hundred Spotify user credentials have leaked online, this list includes usernames, emails, passwords, account types and other details. The list has been posted online on Pastebin, it appears to have been a security breach over at Spotify, but the music streaming service is yet to confirm a breach. Spotify says that it has “not been hacked,” and that “user records are secure.”
It’s not clear at this point in time how and when these Spotify user credentials were acquired. They’re specific to Spotify because the list also contains account types like Family and Premium, which means all of this is specific to the music streaming service as opposed to being a set of generic credentials that just happens to work with Spotify.
The list also contains information about when the Spotify subscription is set to automatically renew for these accounts and the country from where the Spotify account was created. Accounts on the list are not just those that were created by users in the United States.
Despite there being enough evidence that the leak is genuine and that users have been impacted by this, Spotify hasn’t declared it as a security breach just yet, instead in a statement provided to TechCrunch it said the following: “Spotify has not been hacked and our user records are secure. We monitor Pastebin and other sites regularly. When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords.”