Change Your Password: Data Hundreds of Spotify Accounts Were Posted on Pastebin

If you use Spotify, this might be a good time to review the safety of your registration: last Saturday (23), a list containing access data and additional information from hundreds (perhaps thousands) of accounts in service was published on Pastebin .
The information comes from TechCrunch, which claims to have contacted several users from emails found in the list to confirm that the data available there are valid. And are the people who responded not only claimed to have accounts in Spotify and confirmed the existence of abnormalities that suggest improper access to them.
Many users noticed that unknown songs appeared in the tracklist heard recently. Others have found music they had never heard added to their playlists. There were more serious cases: some people tried to access the service, but failed because the registered email or password have changed.
In addition to these cases, there are reports of users who only realized abnormalities to receive emails confirming the change of registration data without this procedure has been carried out by them.
Examples of reports found on Twitter:
It is unclear how these data were leaked. Despite dealing with security issues in the past year, Spotify announced that their servers have not suffered any invasion recently. One hypothesis is that these data have been caught by phishing scams mechanisms through logging into fake pages of Spotify or via malware, which would not be difficult: an attacker can provide a malicious app that goes through an interface more intuitive Spotify, only to exemplify.
What is known is that the list is well organized and contains thousands of accounts. In addition to email and password, there are between related information account type (Premium, Family etc.), renewal date and country of origin of the signature – the list contains accounts of various parts of the world.
A representative of Spotify explained to TechCrunch that the company monitors the Pastebin and other sites regularly. When service users of information is found in these pages, the first order of business is to confirm its authenticity. If found that the data are legitimate, then only the users involved are contacted to take appropriate action.
This process can be time consuming (should not, but anyway). Perhaps this explains the fact that, so far, no Spotify notifications records for the problem. As explained above, many users noticed abnormalities in its various forms all, but in any case there was direct contact by the company.
Therefore, consideration should be proactive. You can not check if your account has been affected because the page on Pastebin is not being disclosed publicly to protect the listed users. The best action to be done, therefore, is to change your password from now or at least take a good look at your account: if you notice anything strange, reset your password as soon as possible.
If you use the same login and password on other popular websites (not recommended practice, but very common) also consider changing your data in these services.
Unfortunately, lists like this are not uncommon. What is strange in this story is that, usually, these data are sold or exchanged for invaders in forums and obscure pages.The reason for the list has been made public is that it is a mystery.