Swedish streaming music service Spotify has become the latest high-profile brand to suffer what appears to be a data breach affecting users of its Android application.
Oskar Stål, Spotify chief technology officer, acknowledged the breach on the company's blog overnight:
Our evidence shows that only one Spotify user’s data has been accessed and this did not include any password, financial or payment information. We have contacted this one individual. Based on our findings, we are not aware of any increased risk to users as a result of this incident.
Spotify claims to have over US$1 billion in revenue with 10 million paying customers and 40 million active users around the world, including Australia and New Zealand.
Stål said the company would push out an upgrade to the music service's Android app over the next few days, but did not detail its role in the breach.
He warned Spotify customers not to install Android apps from anywhere else than Google Play, Amazon's Appstore or the music service itself.
Over the coming days Spotify will ask its a number of its Android users to re-enter their log-in credentials. Users with Windows Phone or Apple iOS clients won't need to take any action.
A spokesperson for Spotify told iTnews the company has seen no evidence of a breach to its Android app.
"It appears that only one Spotify user's data has been accessed and this did not include any password, financial or payment information. As such, Spotify would like to reassure Android users that guidance to upgrade their apps is purely a precautionary measure."