"Based on our findings, we are not aware of any increased risk to users as a result of this incident,"Stål continued, adding that the company would be asking Android app users to upgrade over the next few days and asking "certain Spotify users" to re-enter their usernames and passwords to log in to the service.
"At this time there is no action recommended for iOS and Windows Phone users," he wrote.
In an FAQ posted along with the blog post, the company said it did not believe the incident would affect users' phones and urged them to avoid "installing Android applications from anywhere other than Google Play, Amazon Appstore or m.spotify.com."
Spotify has more than 40 million active users in more than 50 markets, according to Reuters. The company has long been rumored to be considering an IPO this year, although CEO Daniel Ek said there was "no rush" on the issue in a recent interview with Billboard in which he revealed that the company had 10 million paying customers.
Spotify isn't the only tech company to suffer a data breach. Online commerce giant eBay announced it would ask its 145 million users to change passwords last week — revealing a cyberattack had breached servers containing non-financial user data months earlier.
And retailers have also been hit with cyber attacks — including Target, which suffered an attack may have compromised the financial information of some 40 million customers during the height of the holiday shopping season last year. In April, craft store Michaels confirmed that the credit and debit card information of nearly 3 million customers who shopped at some stores during an eight-month period was stolen.