If your account is linked to your Google, Apple or Facebook account that might be the culprit (I think you can see this in yout account settings). You need to check that because the consequences could be way worse than just having access to your Spotify account. You can use HaveIBeenPwned to look for leaks matching your e-mail address or password.
Another possibility is that your browser/OS or spotify client was infected by a token stealer which can automatically steal your access tokens as you log-in after changing the password.
If your account is linked to your Google, Apple or Facebook account that might be the culprit (I think you can see this in yout account settings). You need to check that because the consequences could be way worse than just having access to your Spotify account. You can use HaveIBeenPwned to look for leaks matching your e-mail address or password.
Another possibility is that your browser/OS or spotify client was infected by a token stealer which can automatically steal your access tokens as you log-in after changing the password.
The weird thing is that it’s linked to my Facebook account, which has MFA…
Then it may be a token stealer.