If you are a regular Spotify user, you may remember having to reset your password in July. The reason: a massive credential breach discovered on a remote server by a security research firm. Spotify says it has performed a “rolling reset” of accounts to protect users.
The leak was discovered by vpnMentor and made public yesterday, after it was reported to Spotify itself in July. The service has reset an unknown number of passwords to protect affected users, most of which have since been completed. The researchers said they had discovered a 72 gigabyte cache of unencrypted information, including about 300,000 email addresses, login IDs and passwords for Spotify users.
The data was on a third-party server, which was not owned by Spotify at the time, and was almost certainly obtained illegally. It̵