
Deezer Breach
Sep 1, 2019
244,839,508 rows
What happened in the Deezer Breach?
DataBreach.com Team · November 30th 2024, 7:00 pm EST
In November 2022, Deezer, a French music streaming service, disclosed a significant data breach affecting over 229 million users. The breach originated from a 2019 incident involving a third-party service provider, which had retained user data beyond the termination of its contract with Deezer in 2020. This data was later discovered for sale on a cybercrime forum, bringing the breach to light.
The compromised information included users' full names, email addresses, dates of birth, gender, city and country of residence, IP addresses, user IDs, registration dates, and spoken languages. Deezer confirmed that no passwords or payment details were exposed. The company emphasized that its own systems remained secure and that the breach was solely due to the third-party provider's mishandling of data.
Upon discovering the breach, Deezer initiated an internal investigation and began collaborating with the French data protection authority, CNIL. They published an article on their support site to inform users about the data leak. However, some users criticized the company for not directly notifying affected individuals, arguing that the information was not prominently communicated.
As of now, there have been no public reports of legal actions or class-action lawsuits filed against Deezer in relation to this breach. The company continues to work with authorities to address the incident and has taken steps to enhance its data protection measures. This breach underscores the importance of stringent data handling protocols, especially when involving third-party service providers, to safeguard user information.










