Spotify company is investigating unauthorized access to its systems and internal company data. Android users urge to update the app and change the password.

The popular Music streaming service Spotify is the last illustrious victim of hackers. The Swedish company today has issued an advisory to inform its the users of its Android app that it has suffered a data breach. The company in response is asking for its users to urgently upgrade the app and change the password.

“Hello, Spotify Android users. Our security team has become aware of some unauthorized access to our systems and internal company data and we wanted to let you know the steps we’re taking in response (and tell you how to get back onto Spotify if you’re having trouble logging in).As soon as we were aware of this issue we immediately launched an investigation. Information security and data protection are of great importance to us at Spotify.” states Spotify.

Spotify is an application available for Android and iOS OSs, the company also provides a desktop version and has more than 40 million active users. Spotify offers both a free service and allows paid subscription for more that 10 million users.

s1

The company revealed a hacker had violated its systems accessing to the internal company data, according its early investigation only one account has been accessed in the data breach and there are no risks for tis financial information, payment details or password. The single user has been already contacted.

Our evidence shows that only one Spotify user’s data has been accessed and this did not include any password, financial, or payment information,” added Spotify.

Spotify informed the Android app users that in the coming days it will logout them and will ask them to log-in again by re-entering their username and password.

Spotify hasn’t provided further details on the attack, it is still unknown how the attackers have compromise the database,there is the concrete possibility that they exploited a flaw in the Android app, because the company hasn’t still warned its iOS and Windows Phone users.

The company has announced an application update this week, probably to fix the flaw exploited by hackers.

Pierluigi Paganini

(Editor-In-Chief, CDM)

rsa-logo