Spotify's database has been hacked, with the company confirming that details of thousands of users have been stolen.
The streaming music service had been celebrating hitting the million user mark just a few days ago, but has now discovered that a problem that was fixed by the company on December 19 had in fact been taken advantage of.
"The information was exposed due to a bug that we discovered and fixed on December 19th, 2008," Spotify announced.
"Until last week we were unaware that anyone had had access to our protocols to exploit it.
Not just passwords
"Along with passwords, registration information such as your email address, birth date, gender, postal code and billing receipt details were potentially exposed. Credit card numbers are not stored by us and were not at risk," adds the blog post.
"If you have an account that was created on or before December 19th, 2008, we strongly suggest that you change your password and strongly encourage you to change your passwords for any other services where you use the same password."
The news will come as a huge blow not only to thousands of loyal fans but also to the company, which has quickly found its feet in the UK as listeners take advantage of free streaming of thousands of mainstream songs with the odd ad thrown in.
"We are really sorry about this and hope you accept our apologies," concludes the blog post.
"We're doubling our efforts to keep the systems secure in order to prevent anything like this from happening again."
