SoundCloud has confirmed a data breach affecting approximately 29.8 million user accounts, exposing email addresses and profile information to hackers and leaving many users unable to access their accounts.
SoundCloud, one of the world’s largest audio platforms, has reported a significant data breach that has compromised the personal and contact information of approximately 29.8 million users. This incident has left many affected users locked out of their accounts, encountering error messages when attempting to log in.
Founded in 2007, SoundCloud has grown into a prominent service for artists, hosting over 400 million tracks from more than 40 million creators. The scale of this breach raises serious concerns about user security. The company detected unauthorized activity linked to an internal service dashboard, prompting the initiation of its incident response process. Users began experiencing 403 Forbidden errors, particularly when connecting through virtual private networks (VPNs).
Initially, SoundCloud stated that the attackers accessed limited data and did not compromise passwords or financial information. The company claimed that the exposed information consisted of data that users had already made public on their profiles. However, subsequent disclosures revealed a more alarming situation.
According to the data breach notification service Have I Been Pwned, the attackers managed to harvest data from around 29.8 million accounts. Although no passwords were taken, the exposure of email addresses linked to public profiles poses a significant risk. This combination can facilitate phishing attempts, impersonation, and targeted scams.
Security researchers have linked the breach to ShinyHunters, a notorious extortion gang. Sources informed BleepingComputer that the group attempted to extort SoundCloud following the breach. SoundCloud confirmed these claims, stating that attackers made demands and launched email-flooding campaigns aimed at harassing users, employees, and partners. ShinyHunters has also claimed responsibility for recent voice phishing attacks targeting single sign-on systems at major companies such as Okta, Microsoft, and Google.
While the breach may seem less severe than those involving passwords or credit card information, this assumption can be misleading. Email addresses associated with real profiles enable scammers to craft convincing messages, posing as SoundCloud, brands, or even other creators. With access to follower counts and usernames, these messages can appear personal and credible. Once attackers gain the trust of their targets, they can push malicious links, malware, or fake login pages, often leading to larger account takeovers.
SoundCloud has not disclosed whether further details will be made available. The company confirmed the attack and the extortion attempt but has not responded to follow-up inquiries regarding the breach’s scope or its internal controls. For users, the long-term risk lies in how widely this dataset may spread. Once exposed, data rarely disappears and can circulate across forums, marketplaces, and scam networks for years.
In response to the breach, a SoundCloud representative stated, “We are aware that a threat actor group has published data online allegedly taken from our organization. Please know that our security team—supported by leading third-party cybersecurity experts—is actively reviewing the claim and published data.” The company has reiterated that it has found no evidence of sensitive data, such as passwords or financial information, being accessed.
For those with SoundCloud accounts, it is crucial to take immediate action. Even limited data exposure can lead to targeted scams if ignored. Users should be vigilant and monitor their inboxes for messages related to SoundCloud, music uploads, copyright issues, or account warnings. It is advisable not to click on links or open attachments from unexpected emails. When in doubt, users should visit the official website directly instead of using email links. Additionally, employing strong antivirus software can provide an extra layer of protection.
While passwords were not exposed, changing them is still a prudent measure. Users should create new passwords that are unique and not reused across other platforms. For those who struggle to remember passwords, utilizing a password manager can help generate and securely store strong passwords, thereby reducing the risk of reuse.
Furthermore, users should check if their email addresses have been involved in past breaches. Many password managers include built-in breach scanners that can alert users if their email addresses or passwords have appeared in known leaks. If a match is found, it is essential to change any reused passwords and secure those accounts with new, unique credentials.
Implementing two-factor authentication (2FA) adds an important security layer in case someone attempts to access an account. Even if attackers manage to guess or obtain a password, they will still require a second verification step. Users should enable 2FA wherever SoundCloud or connected services offer it.
After most breaches, attackers often use exposed email addresses to test logins across various streaming services, social media, and shopping accounts. Users should be on the lookout for password reset emails they did not request or login alerts from unfamiliar locations. If anything seems suspicious, it is vital to act quickly.
The SoundCloud breach serves as a reminder that data breaches can have far-reaching consequences, even when the exposed information appears harmless. Public profile data combined with private contact details creates real exposure. Staying alert, limiting data sharing, and adopting strong security practices remain the best defenses as data breaches continue to escalate.
For further information and updates on this situation, users are encouraged to stay informed and proactive in protecting their online presence, especially in light of the evolving landscape of cyber threats. According to Have I Been Pwned, vigilance is key in safeguarding personal information.