Spotify, a leading music streaming service based in Sweden, has suffered an outage on Friday as users were unable to listen to their songs for nearly an hour.
The widespread outage affected users in countries across Europe and beyond in the afternoon (India time).
“We’ve made a few tweaks backstage, so everything should be back to normal. Need more help? Let @SpotifyCares know,” the company said in a tweet.
The service resumed to normal after an hour or so.
Spotify had faced an outage in August after the company reportedly forgot to renew its TLS certificate. TLS certificates are a sort of digital certificate, issued by a Certificate Authority.
The music service also faced problems earlier this year during a broader Facebook iOS SDK problem.
The outage came at a time when the music streaming service Music launched a rolling password reset of some consumer accounts after an open database containing credentials of some users were exposed.
VPN review website vpnMentor said earlier this week that its research team discovered a possible credential stuffing operation whose origins are unknown, but that affected some online users who also have Spotify accounts.
Credential stuffing is a hacking technique that takes advantage of weak passwords that consumers use — and often re-use — online.
It is estimated that roughly 300,000 to 350,000 accounts were affected in the leak in which email addresses and login credentials – usernames and passwords – were exposed.
The leaked data only relates to a tiny fraction of Spotify’s 299 million active monthly user base.
Led by Noam Rotem and Ran Locar, vpnMentor’s research team has discovered a possible credential stuffing operation whose origins are unknown, but that affected some online users who also have Spotify accounts.
vpnMentor unearthed an Elasticsearch database containing over 380 million records, including login credentials and other user data being validated against the Spotify service.
The origins of the database and how the fraudsters were targeting Spotify are both unknown. The hackers were possibly using login credentials stolen from another platform, app, or website and using them to access Spotify accounts.
Working with Spotify, vpnMentor confirmed that the database belonged to a group or individual using it to defraud Spotify and its users. vpnMentor also helped the music company isolate the issue and ensure its customers were safe from attack.