Spotify, the music streaming app, has asked multiple users to modify their passwords on the platform. At the moment it is unknown exactly what is the reason behind this request.
“The hacks in Chipotle, DoorDash and OkCupid accounts may have prompted Spotify to request the restoration of passwords.”
In the emails sent, the platform has indicated that it is a change of password for “detection of suspicious activity”. However, no further details were given about what type of activity it refers to.
In this sense, Peter Collins, a spokesperson for Spotify, has demolished: “As part of our ongoing efforts to combat fraudulent activity in our services, we have recently sent communications to certain users to restore their passwords as a precaution. As a good practice, we recommend our users to protect themselves and not use the same passwords in different services »
Collins’ statements have led to the possibility that Spotify is receiving a password cloning cyberattack. In these attacks, a group of cybercriminals take lists of user names and passwords, from data leaks, and try to insert them into other apps or web pages.
In this sense, some users agree to have used the same passwords in Spotify and other services. However, others also claim to have used exclusive passwords for the streaming app, so the password cloning cyberattack could be a mere speculation.
It is important to clarify that it is quite common for technology companies to ask their users to restore their passwords if they are weak or can be easily guessed.
In general, companies store passwords in an encrypted system that uses data protection and filtering algorithms. Through this algorithm, the administrators of the app can compare lists of filtered data with their own database and warn users when their passwords can be violated, sending emails and alerts automatically.
However, in the past, many companies, such as Google, have used storage systems without encryption, better known as plaintext, which make passwords and user data easily accessible to cybercriminals.
That is why, although the true causes of this security problem are unknown, the hacks in Chipotle accounts, DoorDash and OkCupid may have prompted Spotify to request the restoration of passwords as a prevention.