It might be time for a password update.
After some major data breaches lead to lots of login credentials being released online, Spotify has reset some of its users’ passwords. The good news is they haven’t been hacked, but the bad news is that—if you’re the type of person who uses the same password for every account—your login info probably just got a little less secure.
Spotify hasn’t given comment on which data dump prompted its password sweep, but William Turton at Gizmodo pointed out that “a huge Dropbox dump with over 60 million accounts from 2012 surfaced online yesterday, so that very well could be it.”
The company didn’t legally need to take the precaution of contacting clients whose passwords might have been compromised—the leak apparently happened with some other service, not Spotfiy itself—but they did anyway, which is sweet of them.
“To protect your Spotify account, we’ve reset your password. This is because we believe it may have been compromised during a leak on another service with which you use the same password,” reads an email sent to users Wednesday.
“Don’t worry!” it continues. “This is purely a preventative security measure. Nobody has accessed your Spotify account, and your data is secure.”
So basically, because this other service leaked password information, Spotify thought it’d be prudent to run the names of those compromised accounts against their own customers and see if any of them had identical passwords. If they did, Spotify went ahead and took the security measure of resetting the customer’s password for them. Not bad!
So if you see Spotify prompt you to update your password in the next couple days, it’s probably a good idea to comply.