Expert Comments

Experts Reaction On Dua Lipa And Other Spotify Artists’ Pages Hacked By Taylor Swift ‘Fan’

Expert(s):
Expert(s):

Some of the world’s most popular singers have had their Spotify pages defaced by a hacker who posted messages about Donald Trump and Taylor Swift including Lana Del Rey and Dua Lipa had their biographies replaced by the attacker. Daniel, the hacker, replaced these photos with photos of himself. The attacker also asked people to add him on Snapchat, and added the words “Trump 2020”. 

In News: https://www.bbc.co.uk/news/technology-55158317

Experts Comments

Dot Your Expert Comments
Tim Mackey
December 03, 2020
Principal Security Strategist
Synopsys CyRC

From a public perspective, without clarity around how the Spotify for Artists web site is related to the consumer Spotify site.
While the details of what weaknesses in Spotify’s security practices remain unknown, the attack highlights an important aspect of all cyber-attacks – the attackers define the rules of their attack. In this case, vandalism is an obvious component, but it could also be but one aspect of their ultimate goal. From a public perspective, without clarity around how the Spotify for Artists web site is related to the consumer Spotify site, I would recommend that all Spotify users take this.....Read More
While the details of what weaknesses in Spotify’s security practices remain unknown, the attack highlights an important aspect of all cyber-attacks – the attackers define the rules of their attack. In this case, vandalism is an obvious component, but it could also be but one aspect of their ultimate goal. From a public perspective, without clarity around how the Spotify for Artists web site is related to the consumer Spotify site, I would recommend that all Spotify users take this opportunity to reset their passwords and review which apps they’ve linked to the Spotify service. Businesses seeking to learn from this incident should ask themselves how quickly they would be able to identify if they had fallen victim to a similar defacement effort. If the answer isn’t affirming, then a review of audit and monitoring practices is in order, along with a review of incident response planning.  Read Less
Chris Hauk
December 03, 2020
Consumer Privacy Champion
Pixel Privacy

The recent report of up to 350,000 Spotify user accounts being hacked.
While the Spotify Artist Pages hack makes headlines, more important is the recent report of up to 350,000 Spotify user accounts being hacked, exposing sensitive information, including users' email addresses, usernames, and passwords. While Spotify has contacted the users believed to have had their information exposed, even users that haven't been contacted shouldn't feel safe. They should change their password to a secure password, set up the platform's two-factor authentication, check to make .....Read More
While the Spotify Artist Pages hack makes headlines, more important is the recent report of up to 350,000 Spotify user accounts being hacked, exposing sensitive information, including users' email addresses, usernames, and passwords. While Spotify has contacted the users believed to have had their information exposed, even users that haven't been contacted shouldn't feel safe. They should change their password to a secure password, set up the platform's two-factor authentication, check to make sure the password wasn't being used on other sites or services, and invest in and use a password manager. This advice is also applicable to the Dua Lipas and Lana Del Rays of the world.  Read Less
Paul Bischoff
December 03, 2020
Privacy Advocate
Comparitech

Defacement is a popular sort of sport among a niche community of hackers.
The big question about the attack on Spotify is whether it occurred through the artists' portal where they can claim and manage their own pages, or through some other internal Spotify system. Both would be concerning but the latter much more so, as it would require compromising Spotify's security and not just the login information of a few artists. Defacement is a popular sort of sport among a niche community of hackers, though it usually occurs on websites rather than apps.

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

$2bn Startup Glovo Falls Victim To Cyberattack

Vulnerabilities Found In Wifi-routers

Experts Reaction On REvil/Sodin Behind UnitingCare Breach

Experts On IOS 0-Days Vulnerabilities Discovered

Uni Research Finds That Fertility Apps Collecting And Sharing Sensitive...

44% of Orgs. Report Breaches Due to 3rd Parties, 74%...

92% Of Organisations Who Pay Ransoms Don’t Get All Their...

Experts Comments on World Password Day

Expert Insights On Ransomware Task Force Report

Expert Commentary – Ofcom Warn People Not to Trust Caller...