Deezer: data from millions of accounts on web sales

This information was put on sale on a clandestine forum in November. The musical streaming platform confirms their authenticity, but affirms that the leak comes from a partner, dates from 2019 and does not contain any sensitive data.

mo12345lemonde

On a forum, a user offers for sale an archive containing data relating to, according to him, a little more than 250 million Deezer accounts, the most used musical listening service in France, notes The specialized site Restore Privacy . The number of French user accounts affected by this leak is, according to this user estimated at around 46.2 million.

The file contains personal information, such as the email address, the name, the first name, the date of birth, the genre, the city and the country of residence, the date of creation and the identifier corresponding to each account . The message posted by the pirate affirms that another archive containing the session data, including lists of artists listened to and the musical preferences of users, is also available in the file.

data dating from 2019

in a Message published in November on the section of his site reserved for the support, Deezer confirmed the authenticity of this data, without however extending on the number of accounts potentially concerned. The platform nevertheless specifies that no sensitive data, such as user passwords or their banking information, is concerned. The company also explains that the data is old and that the leak is actually dating from 2019, which the user has put the data for sale. Contacted, the company did not respond to the requests of the world.

Deezer adds that the leak does not come from its systems: “The data in question had been processed by a third -party partner with which we had not worked since 2020, and it was this partner who suffered the violation” , says the company in its message, without giving more information on the identity of the partner in question. The company ensures that its own databases have not been affected by an attack, but still recommends that users change their passwords “as a precaution.”

Deezer has so far noted any malicious use of the information contained in the file and the sale offer is always online on the forum where it was initially posted. Impossible to know if this archive was bought, nor by whom and for what purpose.

/Media reports cited above.