Israeli researchers uncover potential fraud scheme on Spotify users

vpnMentor’s Noam Rotem and Ran Locar unearthed an ‘Elasticsearch’ database containing more than 380 million records, including login information

James Spiro 12:29 24.11.20
Two Israeli researchers from vpnMentor have announced that they discovered a possible ‘credential stuffing’ operation that affected accounts on the popular streaming service Spotify. Credential stuffing is a hacking technique that exploits the weak passwords consumers commonly reuse across multiple accounts or services.


Noam Rotem and Ran Locar discovered a database with more than 380 million records, including sensitive information such as login credentials and IP addresses of Spotify users. It is unclear how the database was compiled and how exactly the hackers targeted Spotify, but it is possible they were using login credentials stolen from another platform, app, or website.
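The pattern the researchers describe, leaked username/password pairs replayed against another service, is visible from the defender's side as one source hitting many distinct accounts with mostly failed logins. The following is an added example (not code from vpnMentor or Spotify) that flags such sources in a constructed authentication log; the log format, thresholds and IP addresses are assumptions for the illustration.

```python
# Added example (not vpnMentor's or Spotify's code): flag credential-stuffing
# sources in an auth log. Stuffing replays leaked username/password pairs, so
# one source tries many distinct accounts, mostly failing, in a short window.
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: "timestamp source_ip account outcome"
SAMPLE_LOG = """\
2020-07-03T10:00:01Z 203.0.113.7 alice@example.com FAIL
2020-07-03T10:00:02Z 203.0.113.7 bob@example.com FAIL
2020-07-03T10:00:02Z 203.0.113.7 carol@example.com OK
2020-07-03T10:00:03Z 203.0.113.7 dave@example.com FAIL
2020-07-03T10:00:04Z 203.0.113.7 erin@example.com FAIL
2020-07-03T10:00:05Z 203.0.113.7 frank@example.com FAIL
2020-07-03T10:00:01Z 198.51.100.2 grace@example.com FAIL
2020-07-03T10:00:09Z 198.51.100.2 grace@example.com FAIL
2020-07-03T10:00:20Z 198.51.100.2 grace@example.com OK
"""

def parse_line(line):
    ts, ip, account, outcome = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip, account, outcome

def find_stuffing_sources(log_text, window=timedelta(minutes=5),
                          min_accounts=5, min_fail_ratio=0.7):
    """Return {ip: (distinct_accounts, fail_ratio, succeeded_accounts)} for
    every source that hit >= min_accounts distinct accounts inside `window`
    with a failure ratio >= min_fail_ratio. One user mistyping their own
    password (198.51.100.2) touches a single account and is not flagged;
    accounts that succeeded from a flagged source are the ones a reset must cover."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            ts, ip, account, outcome = parse_line(line)
            events[ip].append((ts, account, outcome))
    flagged = {}
    for ip, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):          # sliding time window
            while evs[end][0] - evs[start][0] > window:
                start += 1
            chunk = evs[start:end + 1]
            accounts = {a for _, a, _ in chunk}
            ratio = sum(o == "FAIL" for _, _, o in chunk) / len(chunk)
            if len(accounts) >= min_accounts and ratio >= min_fail_ratio:
                ok = sorted(a for _, a, o in chunk if o == "OK")
                flagged[ip] = (len(accounts), round(ratio, 2), ok)
    return flagged
```

Running `find_stuffing_sources(SAMPLE_LOG)` flags only 203.0.113.7, with the one account that accepted a replayed password listed for targeted reset.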

Spotify has almost 300 million active monthly users. Photo: Shutterstock


According to a summary of the incident provided by vpnMentor, it is estimated that up to 350,000 user accounts were affected by the scheme; their email addresses and passwords could be used for identity fraud, scams, phishing, and malware attacks.


The attack was discovered in July 2020, and the company claims it immediately contacted Spotify to try to rectify the damage. “In response to our inquiry, Spotify initiated a ‘rolling reset’ of passwords for all users affected. As a result, the information on the database would be voided and become useless,” the company wrote in a blog post about the incident.


The researchers advised that if you received an email from Spotify in the summer, it is essential to change the login information of any other account that may have the same password.


vpnMentor is one of the largest virtual private network review websites on the internet. Its research lab, of which Rotem and Locar are members, operates as a free service to help protect the online community from cyber threats and malware attacks. Spotify, founded in 2006, is a Swedish-based music streamer and has almost 300 million active monthly users around the world.