Spotify today announced that their servers have suffered a breach, providing somebody somewhere unauthorized access to their systems and "internal company data". But in a strange twist, Spotify's internal investigation into the matter turned up evidence of only one user's data having been accessed, and that data did not include anything you might consider sensitive (e.g. password or payment information). But the breach has prompted Spotify to prepare an update for their Android app, one that they will be prompting users to install.

While the single account breach is a different twist in a day and age when a breach in a service's systems often leads to millions of accounts being compromised (hello, eBay), it's good to see Spotify being proactive and forthright about this breach. Though when you're talking about just one person, it's a bit easier to handle.

The update to the Android app will be pushed over Google Play or the Amazon Appstore, the only two sources from which Spotify is adamant you should install from. Judging by the wording of their release on the breach, we wouldn't be surprised if a maliciously-modified version of Spotify was uploaded to and downloaded from a different source, leading to this breach in the first place.

The updated Android version of Spotify will require users to redownload their offline playlists, and some users may be prompted to re-enter their username and password as a precaution. Data breaches are serious business, and require increasingly serious reactions from the service providers, no matter how bizarre the circumstances.

Does this breach change your opinion of Spotify?

Source: Spotify


Reader comments

Bizarre breach of single Spotify account leading to security update for Android app


I feel like almost every account I have has been hacked. Lost my Sony account a few years back. Adobe hit me hard, had to get new debit cards after the target hack which is a pain because so many auto payments used that number, Ebay just nailed me and now this (which is thankfully the least serious as of now). Come on hackers, don't you have enough of our info already? Do you really need to steal my email again?

These days, I avoid just about any password system that isn't protected by 2 factor authentication. Yeah, I know it isn't perfect, but it's better.

I love Spotify, and I'm pretty impressed that they'd be this concerned over such a minor incident. Kudos to them for being on top of things.

If only they were this quick and proactive with their software updates in general and Chromecast support in particular.

Posted via Android Central App

Good to see a swift response and the message they're sending out: No security breach is small enough to make it matter. Now, please, address the everyday quirks of the app! (Come on! Still no way to edit playlists on Android??!! And you can't queue songs while playing radio, which you CAN on Desktop).

i tried Spotify but i had to switch back to Pandora. data usage on Spotify was at least 5-10X higher for the same content on comparable quality. and background data usage when app not in use was crazy. anybody else experience this?

I wonder if there isn't something else going on. Several of my radio stations started playing all sorts of unrelated songs over the weekend, like someone screwed up the formula.

Posted via Android Central App

So I have about 500+ songs in a playlist that has taken me months to get just the right songs I want to workout to. How do I efficiently make sure I add those same songs to a playlist when I update?

Posted via Android Central App

Just got the update. Kind of weird how they handled it. I opened the app this morning and there was a message that my app was outdated and no longer usable, and that I needed to update immediately. When you click on the update link it brings you to an all new Spotify Music app in the Play Store. Kind of weirded me out at first, like it was a scam or something. I wasn't expecting to have to download a whole new app.