Spotify 80,000 users’ records exposed due to unsecured database

https://blog.malwarebytes.com/reports/2020/11/spotify-resets-some-user-logins-after-hacker-database-found-floating-online/

Exploit: Credential Stuffing
Spotify: Digital Music Streaming Service

Oaklawn-Hospital-img1

Risk to Small Business: 1.992 = Severe Spotify ended up with egg on its face last week after security researchers uncovered an unsecured Elasticsearch database containing more than 380 million records. The exposed data contained login credentials and other information belonging to Spotify users. The researchers in concert with Spotify investigators determined that whoever owned the database had probably obtained the login credentials from an external site and used them on Spotify accounts in a credential stuffing operation.

-Hastings-img1

Individual Risk: 2.801 = Moderate The data that was exposed includes customers’ usernames and passwords for Spotify, as well as email addresses and countries of residence. Information like this could be used to fuel spear phishing attempts. Spotify users should reset their passwords.

Customers Impacted: 80,000
How it Could Affect Your Customers’ Business: Credential stuffing is a threat that becomes more serious every day as new dumps of passwords hit the Dark Web. If you’re not watching for potential trouble, you’re leaving your business open to disaster.

Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk

*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.


3 Essential Types Of Cyber Security Your Business Must HaveCLICK HERE!
+ +