Advantage IT Management Blog

Cybersecurity Lessons to be Learned From a Spotify Hack

We often keep an eye on current events for practical examples that support our recommended best practices, and a relatively recent Spotify hack has given us a special opportunity: one story that reinforces not one, but two such practices. Let’s dive in, shall we?

Lesson One: Don’t Reuse Your Passwords

Basically, hackers were recently able to access 350,000 Spotify accounts without needing to infiltrate the streaming service. Rather, the hackers responsible used login credentials from other sites and services that had been exposed in other data breaches.

By taking the credentials from these other websites, these hackers simply went down the list and tested them out on Spotify. Known as credential stuffing, this is a very simple tactic that hackers will often use.

This is what turns an already-bad password breach into a terrible one, and it only gets worse with each platform secured by the recycled credentials. Practices like credential stuffing are precisely why the prevailing wisdom is to have a unique password for every account you have, particularly work accounts or those with sensitive or financial data. It also doesn’t hurt to keep these passwords locked away in an encrypted password management tool if you need help remembering them.

Lesson Two: Keep Your Data in a Safe Place

The second lesson actually comes from the actions of those responsible for the breach. From them, we can learn how important it is to secure any data you are in possession of.

After all, their failing to do so led to the discovery and mitigation of this breach in the first place.

Two security researchers were conducting a simple Internet scan for unsecured data, some of which turned out to be the attackers’ cache. The hackers had chosen to store their stolen credentials on an unsecured cloud database. In doing so, they ensured that anyone who happened to stumble upon the collection could gain access without a password. Hypothetically speaking, this meant that other hackers and cybercriminals could have located the stash and copied it for their own nefarious purposes.

Fortunately, this discovery allowed Spotify to be alerted and prompt a password reset for all affected users… for Spotify specifically, that is. There’s still the potential for those credentials to be used elsewhere on the Internet for unauthorized access.

Therefore, the real lesson here is to make sure that your cybersecurity standards are up to par. Advantage IT Management can help you do that. Reach out to us at 251-662-9770 to learn how our managed services can assist your cybersecurity without negatively influencing your productivity.

Friday, January 22 2021