Research report “Last.fm data breach”
Our intelligence analysts unravel the new data breach case of the music streaming platform Last.fm. Download the full research and find out more!
In September 2016, it was confirmed that the Last.fm music streaming platform had experienced a security incident following publication of the event on the blog Leakedsource. This information leak was publicly exposed in late September through forums dedicated to trading stolen credentials.
The leaked information was personal data, and exposed usernames, passwords and e-mails for platform log-in, as well as statistical data and user usage data for the affected platform.
Though corporate use accounts should not be registered with the platform, some emails have been found associated with different governmental organisations and state forces. For this reason it is necessary to reliably verify the existence of potentially affected corporate accounts. Additionally, because of the volume of credentials leaked, users could be at risk of future spear phishing campaigns attempting to obtain newly generated credentials for this platform and others by using the personal data identified in the leak as a strategy.