Online music service Spotify has become the latest web firm to suffer a major hack, after revealing yesterday that criminals may have accessed user registration details.
The company said in a security notice on the site that it had been "alerted to a group that managed to compromise our protocols", and could have stolen passwords, email addresses, birth dates, gender details, post codes and billing receipt information.
Credit card details are safe, according to Spotify, as payment is handled by a third party provider.
"After investigating, we concluded that this group had gained access to information that could allow rapid testing of password guesses, possibly finding the right one," read the security notice.
"The information was exposed due to a bug that we discovered and fixed on 19 December 2008. Until last week, we were unaware that anyone had had access to our protocols to exploit it."
Spotify is urging users who signed up before 19 December to change their passwords for the site, and for any other services where they have used the same passwords.
"That's the real story here," he said. "If just one web site has a security blunder, all of your online information may be at risk."
Simon McCready, a partner in the media team at consultancy Deloitte, argued that date of birth and partial address details could be sufficient information to commit identity theft and obtain a credit card fraudulently.
"Users who have given their personal information in return for free music may not see security as a priority," he added. "Users also need to be wary of 'phishing' emails from the hackers seeking additional information after this initial loss."
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural network also shows clinicians how it reached its judgement
Yokohama National University demonstrate technology that could lead to a fault-tolerant universal quantum computer
Top-of-the-range Threadripper 2990WX now available from Scan, Ebuyer, Overclockers, Novatech and Amazon