Pandora Users Advised to Change Login Information
This morning, Pandora sent an email to its users asking them to reset their password.
The company assured users there was no evidence that their Pandora accounts had been compromised. However, the security team found Pandora usernames in a list of data for sale on the web.
“[U]sernames and passwords that were breached from a service other than Pandora a few years ago were posted on the web recently. In order to protect Pandora Listeners, our security teams have analyzed the data and found that your Pandora username was included in the list.”
While the email does not name a single company responsible for the breach, both LinkedIn and MySpace have recently seen their users’ account information for sale on the dark web, so it is possible that the information originated from these sales.
Pandora told users that, if they share passwords across websites and haven’t updated them recently, now would be an excellent time to do so.
While Pandora offers free streaming music to users, there is also a premium service that allows users to listen to music ad-free for $4.99 per month.