Please login or register.

Login with username, password and session length
gfx gfx
76743 Posts in 13486 Topics by 1647 Members - Latest Member: rahbun November 28, 2023, 12:45:22 pm
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  User info stolen from music site

Author Topic: User info stolen from music site  (Read 587 times)

0 Members and 1 Guest are viewing this topic.

Offline DaBees-Knees

  • WMW Team
  • *****
User info stolen from music site
« on: March 06, 2009, 10:11:46 am »

The music streaming service Spotify has been targeted by hackers.

The Swedish company says people's personal details, including e-mail addresses, dates of birth and addresses, were all stolen. However, it is thought credit-card details, which were handled by a third party, have remained secure. Spotify has apologised for the security lapse and advised users who registered on the site before 19 December 2008 to change their passwords. It is thought hackers gained access to user data at the end of 2008, although the security breach only came to light at the end of last week. Spotify's communications manager, Jim Butcher, told BBC News the company had only become aware of the attack after receiving a message from the hackers. "We haven't had direct contact, it's all via third-party sources, so we don't know who they are and we don't know where they are from. "This wasn't some kid playing on a computer, someone has spent hundreds of hours looking to hack into our system." "We're still trying to find out the reasons they actually hacked our site, so it's difficult for me to say what they want at the present time." Launched in 2006, Spotify has more than one million registered users. Instead of receiving a pay-per-download service, users can access the music for free, with tunes interrupted by advertising, or they can pay £10 a month for an ad-free service. It is thought there are more than 250,000 users registered in the UK, but Spotify stressed that the number of compromised accounts was small. "We think about 10,000 accounts [could be] at risk, although we are 95% sure it is a fraction of that," said Mr Butcher. In a blog posting, the company explained how the hack actually took place. "The information that may have been exposed when our protocols were compromised is the password hashes [codes]. "As stated, we never store passwords, and they have never been sent over the internet unencrypted, but the combination of the bug and the group's reverse-engineering of our encrypted streaming protocol may have given outsiders access to individual hashes." The company has apologised for the security lapse and promised users that it was making efforts to ensure the hack was not repeated.

Yet another so called secure system has been shown as not that secure.

Offline RReactor

  • Forum Member
Re: User info stolen from music site
« Reply #1 on: March 10, 2009, 11:23:19 am »
another golden rule for the net never give out your personal info at all cost

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  User info stolen from music site

©2005-2023 All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.02 seconds with 23 queries.
Helios Multi © Bloc
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!