Description: **Spotify’s Entire Music Catalog Leaked by Pirate Activist Group** A pirate activist collective, **Anna’s Archive**, extracted and released **Spotify’s near-complete music catalog**—approximately **300 terabytes** of audio files and metadata—across peer-to-peer networks. The leak, documented on **Thursday**, includes **86 million audio files** and **256 million rows of track metadata**, representing **99.6% of all listening activity** on the platform. Spotify confirmed the breach, stating that a third party **scraped public metadata** and **bypassed digital rights management (DRM)** to access audio files. A spokesperson told *Billboard* that the company is **actively investigating and mitigating the incident**. Anna’s Archive, known for preserving books and academic papers, framed the leak as a **"preservation archive"** for music, aligning with its mission to safeguard cultural knowledge. The dataset is **37 times larger** than MusicBrainz, the previous largest open-source music database, containing **186 million unique International Standard Recording Codes (ISRCs)**—covering **99.9% of Spotify’s 256 million tracks**. The group prioritized files using **Spotify’s own popularity metrics**, capturing songs available through **July 2025**. Metadata is already available for download, while audio files are being distributed in stages, ranked by streaming popularity, to avoid overwhelming servers. **Yoav Zimmerman**, CEO of **Third Chair**, noted that the leak could enable users to **recreate a personal, free version of Spotify** using media servers like Plex—with copyright law as the only major barrier. He also highlighted the implications for **AI training**, as the dataset could allow companies to **scale music-based model development** more easily. The data is now circulating on peer-to-peer networks, with no way to fully contain its spread.

Description: The California Office of the Attorney General reported a data breach involving Spotify USA Inc. on December 9, 2020. The breach, which inadvertently exposed Spotify account registration information, occurred between April 9, 2020, and November 12, 2020. The specific number of individuals affected is unknown.

Description: Hackers have been attempting to gain access to Spotify accounts using a database of 380 million records with login credentials and personal information collected from various sources. Users have expressed concern that their Spotify accounts were compromised after changing their passwords, when new playlists appeared in their profiles, or when strangers from other countries were added to their family accounts. A recent study describing the active hacking of Spotify accounts using a database of over 380 million records, including login information, may shed some light on these account hacks.

Description: On the website Pastebin, 100 of Spotify account credentials—including emails, usernames, passwords, account types, and other information got exposed. Confirming that hackers had not gained access to its systems, the corporation denied any data breach. Spotify said that user data is safe and that it has not been compromised. Spotify's security team reportedly resets compromised passwords proactively, and several users have reported account issues, according to the news outlet Techcrunch. While using the site, some customers encountered issues, others discovered that their account email had been changed to an address that did not belong to them.