Internet radio giant Spotify has been hacked. The Spotify Android app remains unscathed from the Internet hack attack, but user should install the coming Spotify Android update to be safe.
The company issued a user notice yesterday, stating that Spotify “immediately launched an investigation” when the company became aware of one user whose account had been hacked. Upon further investigation, the company did find that the Android app hadn’t been affected (meaning Android users are protected), and stated in the notice that Spotify has already contacted the affected user.
Still, the company encourages its Android users to install the new Spotify update the company looks to send out soon: “As an extra safety step, we are going to guide Android app users to upgrade over the next few days. If Spotify prompts you for an upgrade, please follow the instructions,” said Spotify Chief Technology Officer Oskar Stal. Despite the claim that only one Android user has been affected, it seems that the Spotify Android app does have some Internet loopholes that the company may start patching up in order to avoid a repeat of one user’s current experience.
Before updating your Spotify Android app, please be aware that you’ll also have to re-download any offline playlists that you had on your current device before the Spotify notice. While this is similar to some Amazon Kindle Android issues in the past, it’s better to be secure than sorry.
This is the second announcement this month regarding the vulnerabilities present in current Internet security measures. A little earlier this month, mobile site eBay found that its corporate site had been hacked. The company released a letter to eBay users, urging them to change their usernames and passwords as a result of the attack. PayPal, the money site owned by eBay, Inc., shows no signs of an Internet hack according to eBay. Prior to eBay’s announcement, an Internet vulnerability discovered in SSL (called the Heartbleed bug) was discovered by Google officials who concealed the bug for over a month (likely due to the company’s own private investigation) until the announcement went public. Heartbleed is considered to be one of the worst (if not the worst) Internet security loopholes we’ve seen, but there could be more lurking where that one came from.