21
submitted 8 months ago by Dirk@lemmy.ml to c/cybersecurity@lemmy.ml

So, yeah. Other than stated, Spotify does not provide 2FA (shame on them!), so I use a strong password and since years nothing happened.

This early morning I got multiple mails that my account was logged in from Brazil, from the USA, from India, and some other countries. There were songs liked and playlists created so it wasn’t a malicious e-mail but some people actually were able to log on to my Spotify account.

I of course changed the password and logged out all accounts and checked allowed apps, etc. and everything looks fine.

But I wonder … was there something that happened recently? The common sites to check such things do not list my old Spotify password, and a quick web research does not bring anything up.

Any clue what could have happened here?

you are viewing a single comment's thread
view the rest of the comments
[-] Dirk@lemmy.ml 2 points 8 months ago* (last edited 8 months ago)

The mail address is shown for 3 data breaches. dailymotion 2016, Gravatar 2020, Myspace 2008. None of the passwords could possible match my Spotify password but I stopped using those services long before the breaches so I can’t tell 100%.

this post was submitted on 23 Feb 2024
21 points (88.9% liked)

/c/cybersecurity - Cybersecurity News & Discussion

2111 readers
1 users here now

A community for technical news and discussion of cybersecurity and closely related topics.

founded 4 years ago
MODERATORS