Spotify Resets Some User Account Passwords Due to 'Suspicious Activity'

Thomas Trutschel/Photothek via Getty Images
The logo of the music streaming service Spotify is displayed on a smartphone on April 20, 2017 in Berlin, Germany. 

On Thursday (May 23), a number of Spotify users reported receiving an email from the streaming service about "suspicious activity" on their accounts, and which notified them their passwords were reset. No further details were given at press time.

When reached for comment by Billboard, a Spotify spokesperson said, "As part of our ongoing maintenance efforts to combat fraudulent activity on our service, we recently shared a communication with select users to reset their passwords as a precaution. As a best practice, we strongly recommend users not to use the same credentials across different services to protect themselves."

As TechCrunch points out, this may be an example of a "credential stuffing attack," in which hackers scrape usernames and passwords from other hacked sites and try to use them to get into other sites. Recently security breaches include Facebook, which "unintentionally uploaded" 1.5 million users' email addresses without their consent, and Singapore's Health Sciences Authority, which compromised the personal information of 808,000 blood donors that somehow wound up on the Internet.