Anna’s Archive claims it obtained metadata for around 256 million tracks and audio files for roughly 86 million songs, totaling close to 300 TB. Reportedly, this represents about 99.9% of Spotify’s catalog and roughly 99.6% of all streams.
Spotify says it has “identified and disabled the nefarious user accounts that engaged in unlawful scraping” and implemented new safeguards. From a security perspective, this incident is a textbook example of how scraping can escalate beyond “just metadata” into industrial‑scale content theft.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Three Quarters of UK Firms Reported Data Breaches or Infections in 2016
March 17, 2017
Security issues among British companies are extremely high, with 75% of firms admitting they have experienced a data breach in the last year. The data comes from a research ordered by Cyren, a cloud-based security company, and indicates that when it comes to businesses with 1000 or fewer employees, the figure rises to 85%. “There is a ...
- ABTA hack sees personal details of 43,000 people exposed
March 16, 2017
Yahoo, Adult Friend Finder, LinkedIn, Tumblr and Daily Motion all have something in common: in 2016, details of massive hacks perpetrated against the companies were disclosed. The firms represent a handful of the companies and public bodies around the world that suffered at the hands of hackers last year. Data compromised usually included names, emails, ...
- Why is incident response automation and orchestration so hot?
March 16, 2017
I couldn’t attend the RSA Conference this year, but many cybersecurity professionals and my ESG colleagues told me that incident response (IR) automation and orchestration was one of the hottest topics in the halls of the Moscone Center—through the bar at the W hotel and even at the teahouse on the garden at Yerba Buena. Was ...
- One-third of global firms will fall in cyber attack, says report
March 5, 2017
According to a new report, if there was a cyber attack on global firms, almost 73 per cent of them will fail to identify the threat and ward off any damage to their important data and high-value assets. An era where technology is evolving in leaps and bounds, hacking is no longer a rocket science ...
- Yahoo: 32 Million Accounts Accessed via Cookie Forging Attack
March 2, 2017
An unauthorized third party accessed the company’s proprietary code and learned how to forge cookies. Yahoo believes this is the same actor that caused the 2014 data breach. “The outside forensic experts have identified approximately 32 million user accounts for which they believe forged cookies were used or taken in 2015 and 2016,” Yahoo discloses in ...
- New Global Cybersecurity Report Reveals Misaligned Incentives, Executive Overconfidence Create Advantages for Attacker
March 1, 2017
Intel Security, in partnership with the Center for Strategic and International Studies (CSIS), today released “Tilting the Playing Field: How Misaligned Incentives Work Against Cybersecurity,” a global report and survey revealing three categories of misaligned incentives: corporate structures versus the free flow of criminal enterprises; strategy versus implementation; and senior executives versus those in implementation ...