Music Streaming service Spotify is urging users of its Android app to update it following a potential data breach of its servers.
News of a data breach, following last week’s eBay breach, will likely unsettle some people. However, Spotify said on Tuesday that while it has become aware of “unauthorised access to its systems,” only one user’s data has been accessed. Spotify so far believes that this did not include any password, financial or payment information, and it said that it does not believe users are at heightened risk following the breach.
Spotify CTO Oskar Stal said in an email to customers,
“Our security team has become aware of some unauthorised access to our systemsand internal company data and we wanted to let you know the steps we’re taking in response (and tell you how to get back onto Spotify if you’re having trouble logging in).
“We take these matters very seriously and as a general precaution will be asking certain Spotify users to re-enter their username and password to log in over the coming days.”
While those using desktop, iOS and Windows Phone apps will likely be prompted to re-enter their password, Spotify has urged users of Android to upgrade their apps over the next few days.
“As an extra safety step, we are going to guide Android app users to upgrade over the next few days. If Spotify prompts you for an upgrade, please follow the instructions. As always, Spotify does not recommend installing Android applications from anywhere other than Google Play, Amazon Appstore or https://m.spotify.com/. At this time there is no action recommended for iOS and Windows Phone users.”
Spotify noted that once the Android app has been updated, users might have to re-download their offline playlists, but said that security should come first.
“We have taken steps to strengthen our security systems in general and help protect you and your data – and we will continue to do so. We will be taking further actions in the coming days to increase security for our users,” Stal concluded.
Full email sent to customers
Important Notice to Our Users
We’ve become aware of some unauthorized access to our systems and internal company data and we wanted to let you know the steps we’re taking in response. As soon as we were aware of this issue we immediately launched an investigation. Information security and data protection are of great importance to us at Spotify which is why we’re contacting you today.
Our evidence shows that only one Spotify user’s data has been accessed and this did not include any password, financial or payment information. We have contacted this one individual. Based on our findings, we are not aware of any increased risk to users as a result of this incident.
We take these matters very seriously and as a general precaution will be asking certain Spotify users to re-enter their username and password to log in over the coming days.
As an extra safety step, we are asking all Android users to upgrade their app using the following instructions:
Google Play (most Android users):
Most users will automatically receive a message within the Spotify application asking them to download and install a new version of Spotify that looks like this:
If you don’t see this message within your Spotify application in the next few days, please use this link to go straight to Google Play to install the latest update, which will guide you on how to install the new version of Spotify.
Amazon AppStore for Android (e.g. Kindle Fire):
We will update your application over the coming days. If Spotify prompts you for an upgrade, please follow the instructions.
As always, Spotify does not recommend installing Android applications from anywhere other than Google Play or Amazon Appstore. At this time there is no action recommended for iOS and Windows Phone users.
Please note that offline playlists will have to be re-downloaded in the new version. We apologise for any inconvenience this causes, but hope you understand that this is a necessary precaution to safeguard the quality of our service and protect our users.
We have taken steps to strengthen our security systems in general and help protect you and your data – and we will continue to do so. We will be taking further actions in the coming days to increase security for our users.
We track anonymized user information to improve our website.
Because we respect your right to privacy, you can choose not to allow some types of cookies and processing. Click on the different category headings to find out more and change our default settings. Not allowing some types of cookies may impact your experience of our Services and what we are able to offer.
In order to use this website we use the following technically required cookies
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. Loss of the information stored in a preference cookie may make the website experience less functional but should not prevent it from working.
This cookie enable us to detect the country of which you are visiting from.
These cookies may be set through our Services by our partners. Some have functional purposes such as capping the number of times you see an ad within a short span of time, but most, through uniquely identifying your browser and the device you use to access our Services and the processing of other information, will build a profile of your interests and show you ads more relevant to them, inferred from your browsing activity. If you do not allow these cookies, you will still receive ads but they will be less targeted and less likely to be relevant to your interests.