- Spotify experienced a widespread outage on May 12, 2026, affecting apps, web players, and support services for several hours
- The Islamic Cyber Resistance in Iraq-313 Team claimed responsibility and said it launched a DDoS attack on Spotify’s servers
- The same group recently targeted Canonical, adding to its sporadic record of disruptive cyberattacks against major platforms
The Islamic Cyber Resistance in Iraq-313 Team, a hacker collective that has sporadically targeted companies and services across the Western world, has claimed responsibility for the major outage experienced by Spotify recently.
On May 12, 2026, thousands of Spotify users reported having issues with both the app and the web player and the support page. The music streaming service confirmed it was “aware of some issues right now with the app” and said it was looking into the matter.
Now the pro-Iranian hacker group said it was to blame for the outage and confirmed that Spotify suffered a DDoS (Distributed Denial of Service) attack.
Revenge for Khamenei?
“The hand of vengeance will reach the killers of Imam Khamenei,” the group reportedly said on Telegram. Jerusalem Post reported. In the same announcement, the group said it “conducted a massive cyber attack targeting Spotify’s main servers, causing a major disruption to the site and completely disabling the application”
The problems started around 12:00 PM ET / 5:00 PM BST, when the first reports of the outage appeared on Down Detector. Reports grew steadily over the next 20–30 minutes, peaking at about 2,000 p.m. 1.20pm ET / 6.20pm BST – and appeared to drop off.
More than 2 hours later, users in both the US and UK reported that they were having trouble getting the app to load on either desktop or mobile – although offline tunes appeared to be working. Eventually, the cross-platform app came back to life, and Spotify confirmed that the issue was fixed shortly before 10 p.m. 5pm ET / 10pm BST.
The 313 team is not the most active group, but it also recently beat Canonical, the company behind the popular Linux distribution Ubuntu.
“Canonical’s web infrastructure is under an ongoing, cross-border attack and we are working to resolve it. We will provide more information in our official channels as soon as we are able to,” the company said at the time.
Discussing the attack on unofficial Ubuntu forums, community members confirmed that the distro’s security API was affected, as well as several websites. Updates and system installations were also not available at that time.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
