News Flash

Spotify drained: its music catalog appears on Torrent

A 300-terabyte shock hits global streaming and reignites the piracy debate

its music catalog

19 January 2026

Table of contents

  • A mammoth archive: The numbers behind the case
  • Spotify confirms: “It was a hacker attack”
  • Cultural preservation or digital piracy?
  • A warning signal for the entire industry

A mammoth archive: The numbers behind the case

According to the hacktivist group Anna’s Archive, they performed a near-complete “backup” of Spotify’s database.

The numbers are staggering: 300 terabytes of data, 256 million rows of metadata, and up to 86 million audio files equivalent to 99.6% of the platform’s total streams.

For now, only the metadata is publicly available, but the audio is gradually being released via Torrent, distributed by popularity: the most-streamed tracks at 160 kbps, the lesser-known ones in compressed versions.

Spotify confirms: “It was a hacker attack”

Speaking to Billboard and Android Authority, Spotify confirmed the incident, openly acknowledging a data breach.

A spokesperson explained that their internal investigation identified unauthorized access and the use of illicit systems to bypass the DRM protecting audio files.

“We have identified and deactivated accounts involved in illegal scraping activities and strengthened security measures,” the Swedish company said.

According to the hacktivists, the attack dates back to July 2025: content uploaded after that date is not included in the archive.

Cultural preservation or digital piracy?

Anna’s Archive claims the operation is part of its mission to “preserve human knowledge and culture,” describing the archive as the first fully open global music repository.

The line, however, is thin: none of this is legal.
Distributing copyrighted tracks via Torrent remains an act of piracy, with potential criminal and civil consequences for both those who distribute and those who download.

A warning signal for the entire industry

This incident is not just about Spotify.
It highlights how fragile the balance is between digital accessibility, content protection, and cyber security. If a global platform can be “scraped” at this scale, the problem affects the entire streaming ecosystem.

The case raises critical questions:

  • How effective are DRM systems, really?
  • Can public metadata become a weapon?
  • Is streaming truly safer than downloading?

2
To top