@Pierre Pfeffer As you may have noted, the data breach occurred in 2019. Immediately after learning of the data breach in November 2022, we contacted the CNIL (Commission Nationale de l'Informatique et des Libertés), with whom we have been working ever since, particularly with regard to the communication we must make to users.
The breach did not occur at Deezer but at a third-party service provider, which we have not worked with since 2020. And it's important to say that, vis-à-vis this provider, we had taken all the necessary precautions to ensure that the security measures were in place: ISO 27001 and SOC 2 certifications, contractual obligation to secure data, GDPR compliant data protection agreement, certificate of data destruction at the end of the contract, etc.
As far as Deezer's systems are concerned, their security is not compromised and, of course, we will continue to enhance our capabilities to ensure their protection and the protection of our users' data, including vulnerability scans and penetration tests.
If you have any further questions, please let us know