Music Streaming service Spotify is urging users of its Android app to update it following a potential data breach of its servers.
News of a data breach, following last week’s eBay breach, will likely unsettle some people. However, Spotify said on Tuesday that while it has become aware of “unauthorised access to its systems,” only one user’s data has been accessed. Spotify so far believes that this did not include any password, financial or payment information, and it said that it does not believe users are at heightened risk following the breach.
Spotify CTO Oskar Stal said in an email to customers,
“Our security team has become aware of some unauthorised access to our systemsand internal company data and we wanted to let you know the steps we’re taking in response (and tell you how to get back onto Spotify if you’re having trouble logging in).
“We take these matters very seriously and as a general precaution will be asking certain Spotify users to re-enter their username and password to log in over the coming days.”
While those using desktop, iOS and Windows Phone apps will likely be prompted to re-enter their password, Spotify has urged users of Android to upgrade their apps over the next few days.
“As an extra safety step, we are going to guide Android app users to upgrade over the next few days. If Spotify prompts you for an upgrade, please follow the instructions. As always, Spotify does not recommend installing Android applications from anywhere other than Google Play, Amazon Appstore or https://m.spotify.com/. At this time there is no action recommended for iOS and Windows Phone users.”
Spotify noted that once the Android app has been updated, users might have to re-download their offline playlists, but said that security should come first.
“We have taken steps to strengthen our security systems in general and help protect you and your data – and we will continue to do so. We will be taking further actions in the coming days to increase security for our users,” Stal concluded.
Full email sent to customers
Important Notice to Our Users
Hello,
We’ve become aware of some unauthorized access to our systems and internal company data and we wanted to let you know the steps we’re taking in response. As soon as we were aware of this issue we immediately launched an investigation. Information security and data protection are of great importance to us at Spotify which is why we’re contacting you today.Our evidence shows that only one Spotify user’s data has been accessed and this did not include any password, financial or payment information. We have contacted this one individual. Based on our findings, we are not aware of any increased risk to users as a result of this incident.
We take these matters very seriously and as a general precaution will be asking certain Spotify users to re-enter their username and password to log in over the coming days.
As an extra safety step, we are asking all Android users to upgrade their app using the following instructions:
Google Play (most Android users):
Most users will automatically receive a message within the Spotify application asking them to download and install a new version of Spotify that looks like this:(picture above)
If you don’t see this message within your Spotify application in the next few days, please use this link to go straight to Google Play to install the latest update, which will guide you on how to install the new version of Spotify.
Amazon AppStore for Android (e.g. Kindle Fire):
We will update your application over the coming days. If Spotify prompts you for an upgrade, please follow the instructions.As always, Spotify does not recommend installing Android applications from anywhere other than Google Play or Amazon Appstore. At this time there is no action recommended for iOS and Windows Phone users.
Please note that offline playlists will have to be re-downloaded in the new version. We apologise for any inconvenience this causes, but hope you understand that this is a necessary precaution to safeguard the quality of our service and protect our users.
We have taken steps to strengthen our security systems in general and help protect you and your data – and we will continue to do so. We will be taking further actions in the coming days to increase security for our users.
Oskar Stal, CTO, Spotify
