Anna’s Archive claims it obtained metadata for around 256 million tracks and audio files for roughly 86 million songs, totaling close to 300 TB. Reportedly, this represents about 99.9% of Spotify’s catalog and roughly 99.6% of all streams.
Spotify says it has “identified and disabled the nefarious user accounts that engaged in unlawful scraping” and implemented new safeguards. From a security perspective, this incident is a textbook example of how scraping can escalate beyond “just metadata” into industrial‑scale content theft.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New Global Cybersecurity Report Reveals Misaligned Incentives, Executive Overconfidence Create Advantages for Attacker
March 1, 2017
Intel Security, in partnership with the Center for Strategic and International Studies (CSIS), today released “Tilting the Playing Field: How Misaligned Incentives Work Against Cybersecurity,” a global report and survey revealing three categories of misaligned incentives: corporate structures versus the free flow of criminal enterprises; strategy versus implementation; and senior executives versus those in implementation ...
- UK crime agency arrests suspect in Deutsche Telekom cyber attack
February 23, 2017
British authorities have arrested a suspect in connection with a cyber attack that infected nearly 1 million routers used to access Deutsche Telekom’s (DTEGn.DE) internet service, German federal police said on Thursday. Britain’s National Crime Agency detained the 29-year-old Briton at one of London’s airports on Wednesday, the police said in a statement. Deutsche Telekom welcomed the ...
- How to Bury a Major Breach Notification
February 21, 2017
Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall importance. The report detailed a malware campaign that piggybacked on a popular piece of software used by system administrators at some of the ...
- Britain could carry out cyber attacks to defend itself against Russia
February 2, 2017
Britain could carry out offensive cyber attacks to tackle high-tech Russian subversion, the Defence Secretary has suggested. Sir Michael Fallon said the UK and its Nato allies must now compete on the cyber battlefield as much as they do in conventional air, land and sea warfare. Britain’s adversaries must know they face a price for using cyber ...
- Google mistakes the entire NHS for massive cyber-attacking botnet
February 1, 2017
Google is blocking access to the entire NHS network, mistaking the amount of traffic it is currently receiving as a cyber attack. An email from an NHS trust’s IT department seen by The Register confirmed that the US search giant has mistaken the current traffic levels for a botnet. The email headed “Google Access” stated: “Google is ...
- Police Arrested Suspected Hacker Who Hacked the ‘Hacking Team’
January 31, 2017
In 2015, a hacker named Phineas Fisher hacked Hacking Team – the Italy-based spyware company that sells spying software to law enforcement agencies worldwide – and exposed some 500 gigabytes of internal data for anyone to download. Now, the Spanish authorities believe that they have arrested Phineas Fisher, who was not just behind the embarrassing hack ...

