Exploit: Accidental Data Exposure
Spotify: Music Streaming Service
Risk to Small Business: 2.223 = Severe In their 3rd breach of the year, Spotify has announced that starting in April 2020, some user information was inadvertently exposed to third-party partners that shouldn’t have been able to access it. The leak was discovered and closed in November 2020.
Individual Risk: 2.212 = Severe The leaked information may have included email address, display name, password, gender, and date of birth for users. Customers should be alert for spear phishing and credential stuffing attempts made using this information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: This kind of data inevitably makes its way to the Dark Web, providing fodder for cybercriminals to exploit to fuel future cyberattacks.
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.