- Spotify experienced a widespread outage on May 12, 2026, affecting apps, web players, and support services for several hours.
- The Islamic Cyber Resistance Team 313 in Iraq claimed responsibility and said it launched a DDoS attack on Spotify’s servers.
- The same group recently attacked Canonical, adding to its sporadic history of disruptive cyberattacks against major platforms.
The Islamic Cyber Resistance Team 313 in Iraq, a hacking collective that has sporadically attacked businesses and services across the Western world, has claimed responsibility for the major outage Spotify recently experienced.
On May 12, 2026, thousands of Spotify users reported having issues with both the app, web player, and support site. The music streaming service confirmed it was “aware of some issues with the app at this time” and said it was investigating the matter.
Now, the pro-Iran hacking group said it was to blame for the outage, confirming that Spotify suffered a distributed denial of service (DDoS) attack.
Revenge for Khamenei?
“The hand of vengeance will reach the murderers of Imam Khamenei,” the group reportedly said on Telegram, the Jerusalem Post reported. In the same announcement, the group said it “conducted a massive cyberattack targeting Spotify’s core servers, causing a major outage to the website and completely disabling the app.”
The problems began around 12pm ET / 5pm BST, with the first reports of the outage appearing on Down Detector. Reports grew steadily over the next 20 to 30 minutes, peaking at around 14,000 at 1:20 pm ET / 6:20 pm BST, and then appeared to taper off.
However, more than 2 hours later, users in both the US and UK reported that they were having difficulty loading the app on their desktop or mobile device, even though offline tunes seemed to work. Eventually, the multi-platform app was back up and running and Spotify confirmed the issue was fixed shortly before 5pm ET / 10pm BST.
Team 313 isn’t the most active group, but it also recently took a swipe at Canonical, the company behind the popular Ubuntu Linux distribution.
“Canonical’s web infrastructure is under sustained cross-border attack and we are working to address it. We will provide more information on our official channels as soon as we can,” the company said at the time.
Discussing the attack on unofficial Ubuntu forums, community members confirmed that the distribution’s security API was affected, as well as several websites. System updates and installations were also not available at that time.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
