Bandsintown_For Artist_Banner_6-11-19-01-01

Spotify 'Hate and Hateful' Policy Crisis Is About Social Responsibility [Mark Mulligan]
THU. BRIEF: Spotify Admits Hate Policy 'Rolled Out Wrong' • Apple Music Biz Revamp • AIM Indie Awards • More

Credentials To Universal Music Computer Systems Exposed

UMG squareFor days or even weeks, the deepest, darkest secrets kept within the private IT infrastructure of Universal Music Group had laid exposed.  But who knew, what information they gathered and how they will use it against artists and the world's biggest music company, remains a major unknown.


image from

Earlier this month, a German security researcher for the cyber-security firm Kromtech discovered and then helped plug a gaping whole in the tech infrastructure of Universal Music Group.  

In a report, made public this week,  security expert Bob Diachenko says that an open server was exposing FTP credentials, AWS configuration details (secret access keys and passwords), SQL passwords, and internal source code for Universal Music's IT network.

"This leak of highly sensitive information took place because a third-party contractor that was managing a part of Universal's IT systems had deployed an instance of an Apache Airflow server without securing it with a password," according to Bleeping Computer, who broke the story.