YOUR IT - Technology for you

No. 1 Story

Telstra adds one million mobile services, but Sensis plummets

Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.

 read more
StumbleUponSubmit to redditShare this on TwitterShare on facebook | Print |PDF 

More From

Is Spotify being crucified on a cross of media misunderstanding?

Davey Winder
Thursday, 05 March 2009 17:14

Your IT - Home IT

Page 1 of 2
Users of popular online music service Spotify are understandably worried by the news of a security breach that, according to many reports, has exposed password and sensitive information. But how accurate are those reports?

Millions of people have been enjoying free online music courtesy of an ad-sponsored service operated by Spotify. That enjoyment has been cut short for many with the news of a pretty serious security breach.

Microsoft Office 365 Get your free Trial
The BBC reports that hackers "had got their sticky fingers all over its filing system" while others talk of thousands of passwords being stolen.

Just about every report I have seen includes a quote from the official announcement of the breach which mentions that along with password "registration information such as your email address, birth date, gender, postal code and billing receipt details were potentially exposed."

Some reports even include the next line which states that "Credit card numbers are not stored by us and were not at risk." However, most do not seem to have bothered reading the entire Spotify statement or at least have failed to comprehend it at all.

That statement confirms that the potential breach was first noticed last week, and after investigation Spotify concluded that an unnamed group had managed to compromise protocols courtesy of a vulnerability discovered and fixed on December 19th 2008.

"Until last week we were unaware that anyone has had access to our protocols to exploit it" a Spotify spokesperson by the name of Andres admits. He also states that the information accessed "could allow rapid testing of password guesses, possibly finding the right one."

Without wishing to undermine the seriousness of any security breach, especially at an up and coming service with a high media profile and which had just celebrated gaining its one millionth user, this breach is not as bad as it is being painted in some quarters methinks.

So what, exactly happened and who exactly is at risk here? More on page 2...

CONTINUES 


Start 1 2 Next 

Sponsored Announcements

Websense #1 in Web Security Fourth Year in a Row

David Bass | For the fourth year in a row, IDC has placed content security provider Websense (NASDAQ: WBSN) at the top of the IDC Worldwide Web Security 2011 –…

You may have missed


Advertisement

- sponsored feature -

The Death of Traditional BI: What’s Next?

How to Make Business Discovery Work for Your Business IP PABX BUYING GUIDE

Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more

Our Services for Technology Professionals

E - mail News SMS Headlines Desktop Alerts News Feeds Job Alerts Technology Events Press-Releases