More precautions after a Pandora Music Service breach.

Another day, another hack…

Just a few days ago, I posted my first blog post for Get Social with Cat on the topic of security breaches at Twitter and LinkedIn. Today, I give you an announcement of Pandora’s usernames and passwords being compromised.[1] The news crossed my desk a few days ago, but distractions happened and I didn’t act promptly. Today, I received this email:

Pandora LogoDear Pandora listener,

 

As a precaution, we want to make you aware of a situation that could possibly affect your Pandora account. 

 

First off, there is no evidence that your Pandora account has been compromised or tampered with in any way. 

 

However, usernames and passwords that were breached from a service other than Pandora a few years ago were posted on the web recently. In order to protect Pandora Listeners, our security teams have analyzed the date and found that your Pandora username was included in the list.

 

If you share passwords across services and haven’t updated them recently, and you haven’t already reset your Pandora password, you should do so now. Below is a link to which you can request a password reset on Pandora.

 

We apologize for any inconvenience and are happy to answer any questions you have.

 

Listen on, Pandora

So what’s the big deal?

The concern is not that someone will go in and create new playlists. It is about whether or not I have used that same combination of email and password on a more important account.

If you are a Pandora account holder and you didn’t receive an email like this, do you need to worry? No. Probably not.

Would I still change my password? If the chaos of that morning hadn’t distracted me, I would’ve changed it after that news broadcast.

What do I recommend you do next? Read the suggestions in “Should I change my passwords after a hacking on social media?”

Some other tips:

  • Use one password across the social media board. If one site gets hacked, change them all.
  • Have one password for all sites with no banking info (i.e. haven’t used the site for shopping) and minimal personal information. If those get hacked, don’t even give it a second thought.
  • Change both your social site passwords and sensitive information sites (banks, bills) every couple of months… add it to your calendar with reminders.
  • Any site where you store your credit information, change passwords often and don’t allow a site to save that info if you rarely use it.
  • Keep all of your passwords in a secure place offline. You are no doubt going to forget some because of all of this precaution, but you can easily refer back to that in a pinch.

Do you have any tips on Internet security? I’d love to hear how you manage your login information. Leave suggestions in the comments below.

 

[1]  McAlone, Nathan. (2016, Jul 11). If you use Pandora, you should probably change your password right now. Business Insider. Web. http://www.businessinsider.com/pandora-usernames-compromised-2016-7