These files are rarely from a direct Spotify breach. Instead, they are typically compiled through credential stuffing . Attackers take passwords leaked from other websites and use automated scripts to see if they work on Spotify.
Such lists are frequently shared or sold on "dark web" forums or Telegram channels. Buyers use them to "freeload" on someone else's premium subscription. Impact on Users: 50x Spotify Family - Stranded.txt
Hackers often use these accounts to boost streams for specific artists, which can ruin your "Discover Weekly" and "Year Wrapped" statistics. These files are rarely from a direct Spotify breach
In severe cases, the attacker may change the email and password, locking the original owner out. Recommended Actions If you suspect your account is part of such a list: 50x Spotify Family - Stranded.txt