Music streaming service Deezer has admitted to a large-scale data breach that may have affected 257,829,454 records of users worldwide. The company stated that the breach occurred in 2019 via a third-party service provider, and that the hackers only managed to steal a snapshot of user data, including names, dates of birth, email addresses, gender, location data, join dates, and user IDs. Deezer emphasized that no passwords or payment details were compromised in the attack. The data was made available for sale on a hacking forum in November 2022.
In a statement, Deezer confirmed the security breach but did not comment on the scope of the incident. The company stated that it is currently working with French data protection authorities to investigate the source of the breach and take any necessary action.