Credentials of Spotify Users Surface Online

Email addresses and passwords of users of the music streaming app appeared online days after the company allegedly was hacked.

Newsweek verified the details of the security breach with nine individuals whose email addresses were posted publicly on Nov. 2. One victim claimed he was locked out of his account for three days.

Several victims of the attack only heard about the incident when they reached out to Spotify after realizing their accounts had been overtaken.

“I honestly had no idea this was a problem affecting multiple users,” one victim said in an email to Newsweek. “The messaging from Spotify appeared to imply mine was an individual case.”

It’s unclear who broke into Spotify users’ accounts or why.

In an email to Newsweek, Spotify provided a statement, denying its system was hacked.

"Spotify has not been hacked and our user records are secure," the statement reads. "The compromised credentials come from a well-known past leak on another service.

"Many people use the same credentials for multiple services and we urge anyone who thinks his or her information was compromised to change passwords. We regularly look for leaks on other services and match account names with our own so we can advise users to change passwords that may have been compromised."