The company said in a security notice on the site that it had been "alerted to a group that managed to compromise our protocols", and could have stolen passwords, email addresses, birth dates, gender details, post codes and billing receipt information.Credit card details are safe, according to Spotify, as payment is handled by a third party provider."After investigating, we concluded that this group had gained access to information that could allow rapid testing of password guesses, possibly finding the right one," read the security notice."The information was exposed due to a bug that we discovered and fixed on 19 December 2008. Until last week, we were unaware that anyone had had access to our protocols to exploit it."Spotify is urging users who signed up before 19 December to change their passwords for the site, and for any other services where they have used the same passwords.Graham Cluley, senior technology consultant at Sophos, warned in a blog post that too many people use the same password on every web site they access."That's the real story here," he said. "If just one web site has a security blunder, all of your online information may be at risk."
Copyright ©v3.co.uk
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.