Experts are now investigating a possible security breach in Spotify's system. Hundreds of Spotify account credentials are reportedly posted on the website Pastebin. Many of the users' personal data -- emails, usernames and passwords -- are exposed online, leading some to worry about their bank accounts and credit cards.
Tech Crunch initially reported the data hacking incident. The website reported investigators are still looking where the accounts were acquired. So far, more than a dozen of Spotify users confirmed that their accounts were breach recently.
One of the users confirmed that his account is hacked after finding out there are songs added to his songs list that he hadn't added. Also, another found his account had been used in another location.
Some of the victims immediately logged out all of their devices connected to Spotify, and then changed their password to prevent future problems. Others worked with Spotify customer service to restore their account access.
For the part of Spotify, they say their system is secure and users' records are safe.
"Spotify has not been hacked and our user records are secure. We monitor Pastebin and other sites regularly. When we find Spotify credentials, we first verify that they are authentic, and if they are, we immediately notify affected users to change their passwords," company's official statement published in Tech Crunch.
We can't give the link to the Pastebin page to protect the data of the victims.
For some victims, they received an email notification that says their password had been reset since last week. Some users found their email address reset, songs deleted and new playlist added. Others are still in the process of verifying their identity to Spotify customer service.
Because most people use the same passwords on their online accounts, several victims reported their social media accounts, messaging apps and online bank accounts have been hacked as well.
It is important to take note that Spotify has encountered data breach before. According to Newsweek, the music tech company was hacked in November last year.
While the investigation is still ongoing, security experts advise users to use more than one password for online accounts. Also, it is important to take note to use a difficult password with a three-, four- or five-word phrase followed by a number and a symbol.
"Never write your password down," Marc DeCastro, a research manager at Financial Insights told in Bankrate.