I had an email from Spotify yesterday saying that there had been ‘suspicious activity’ on my account and I should change my password. I wasn’t locked out or anything, but my recent activity list clearly shows music I have never played! An internet search shows I’m not alone and techy sites report many users have had this email.
Obviously I have changed my password, but has anyone any thoughts on this..? The implication from my ‘activity’ is that someone has used my account to listen to some music, but I don’t quite understand how that would work, and also this seems to be a large scale problem rather than one just personal to me, so it doesn’t quite add up in my little brain.
Neil Jung says
I haven’t had that email, but a year or so back someone used my Premier account to play a bunch of music that I loathed. I changed my password. Unfortunately some of that music appeared in my Spotify compiled Playlists. I contacted Spotify but they said the relevant playlists couldn’t be edited.
moseleymoles says
Not to make light of it @neil-jung but my algorythmic playlists are constantly under attack by son playing endless big band jazz, and daughter’s metal or wibbly wobbly Steve Hillage/system 7/ozrics stuff.
Nick L says
I’ve had that happen to me, but again without the email. Loads of godawful playlists kept appearing. All I did was change the password and hey presto, never had any problems since. If memory serves, I clicked on the “stop following” option for each playlist and it did the trick, they disappeared immediately.
Cozzer says
Hi Nigel, happened to me too. Thought it might be down to eldest son at Uni trying to use my details but apparently not. Password duly changed but a bit of a head scratcher. Wonder if a server has been compromised?
JQW says
It could just be a poor authentication mechanism used by Spotify’s login process. Some of these systems use a randomly generate large number to act as a session key as they’re guaranteed to be unique – unfortunately due to poor programming they end up not being quite as unique as expected.
Sitheref2409 says
I once looked back at my Spotify Year in Review.
A good 60% or so was stuff I’ve never listened to.
niallb says
Had the e-mail this week. Sent it to Spotify security to check it wasn’t a scam. They said it was genuine but the breach was on old account I had before I bought Premium. They exported the genuine playlists from that account to my Premium, checked that I was happy, and then deleted the old account. The whole thing took a couple of days and I couldn’t fault their attention to detail.
The Good Doctor says
So is this the modern equivalent of the old days when Record company reps visited chart return shops and gave them some free satin tour jackets and a bottle of Scotch in return for a bit of time alone with the Sales diary and a biro?
NigelT says
Further news….I suddenly noticed that I had been paying for the Premium family version at £14.99 pm when I hadn’t knowingly upgraded from Premium (and my iPod app still said I had Premium only). I contacted Spotify via online chat and after a bit of a faff with me proving I was who I said I was, they readily refunded me nearly £150 and gave me a month free on top without a quibble. I did have the issue above a couple of months ago with tracks appearing on my played list that I hadn’t played, so I assume my account was hacked in some way and someone upped my payments so they could share my account…??
Maybe worth checking you are paying the right amount!
MC Escher says
I trust no-one used that email link to reset their password, and went via the site log-in page. Sounds like a typical “phishing” email to me.