Former CEO of The Next Web. A fan of startups, entrepreneurship, getting things done faster, penning the occasional blog post, taking photos Former CEO of The Next Web. A fan of startups, entrepreneurship, getting things done faster, penning the occasional blog post, taking photos, designing, listening to good music and making lurrrve.
Spotify, a web/desktop media player have just announced that someone has managed to “compromise their protocols” and gain private information about their users.
The details the hackers may have gotten their hands on include: passwords, email address, birth date, gender, postal code and bill receipt details.
The hacker(s) managed to access information about Spotify members last year, whilst the the flaw they infiltrated was fixed just before Christmas.
Spotify have said:
Last week we were alerted to a group that managed to compromise our protocols. After investigating we concluded that this group had gained access to information that could allow testing of a very large number of passwords, possibly finding the right one. The information was exposed due to a bug that we discovered and fixed on December 19th, 2008. Until last week we were unaware that anyone had had access to our protocols to exploit it.
What you need to do.
If you signed up on Spotify before December 20th 2008 and if you use the same password on alternative services – change ALL your passwords immediately.
More at the Spotify Blog.
Get the TNW newsletter
Get the most important tech news in your inbox each week.