A Different Kind of Music Pirate
Pro tip: when the Internet gives you lemons, don’t make #Lemonade, demand for better protection of your data.
Music streaming services are more popular today than ever before. Last year, music streams doubled while digital sales continued to fall. At the top of heap, Spotify currently remains king with 30 million paying subscribers as of last month. Hell, I’m a recent, mostly satisfied user, as well—which is why I get on edge whenever I see a headline about a Spotify data breach. Whether it’s one of the previous breaches the service has experienced, or a new one, behind the list of hundreds of account credentials posted to Pastebin last week, isn’t quite settled. As TechCrunch indicates, it could be a continually circulating list of previously stolen accounts. Whatever the case, it seems to be recent at least, as several of the victims noticed new songs added to their Spotify playlists that they had not selected.
This means, of course, that some of these unauthorized third parties are using the login credentials for themselves, to listen to music on someone else’s account. Which is…well, it’s pretty weird. Not least for the fact that hackers usually don’t personally use the data they steal, but try to turn a profit with the bundles instead, which already makes this an unusual situation. Even stranger is the fact that streaming on Spotify is actually free: You don’t need to hijack someone else’s account when you can quickly make your own. Aside from unexpected track additions, other users were simply booted from the service mid-song, and some ended up resetting their passwords, when able. Unfortunately, many of these people were left to discover their accounts’ compromised condition on their own, since Spotify, despite claims to the contrary, apparently did not reach out to victims of the breach immediately afterwards.
Meanwhile, in another incident that should make Ashley Madison feel slightly less awful, an online dating site called BeautifulPeople.com, exclusively for “beautiful people,” was recently hacked, exposing information on over 1 million users. The irony is that this is the same service that claimed it was hacked in 2011, specifically that a virus (named “Shrek”) allowed 30,000 “ugly people” to bypass the screening process and sign up. Turns out that incident was just a ridiculous publicity stunt, albeit an effective one. This one doesn’t seem to be, however, with users’ personal information apparently being sold on the dark web.
It just goes to show: whether you’re just trying to build your playlists, or sit with the Mean Girls at lunch, you always have to be careful with your information on the Internet.