Audio streaming platform SoundCloud has confirmed a significant security breach affecting an estimated 20 percent of its global user base. The company disclosed that hackers gained access to limited account information, including email addresses, through an internal service dashboard. The announcement comes after weeks of service disruptions that left many users unable to connect, particularly those relying on VPNs in restricted regions.
According to SoundCloud, the breach may have impacted roughly 28 million accounts worldwide. While the compromised data included email addresses and publicly visible profile information, the company stressed that no financial details, passwords, or payment information were exposed. A third‑party cybersecurity firm has been engaged to assist with the investigation and ensure containment of the incident.
Media reports have linked the attack to ShinyHunters, a well‑known cyber extortion group, though SoundCloud has stopped short of naming them directly. In its official statement, the company referred only to a “purported threat actor group” and emphasized that all unauthorized access has been shut down. Reports suggest the attackers are pressuring SoundCloud to pay in exchange for not leaking the stolen data.
The breach coincided with widespread connection failures, particularly in countries where SoundCloud access requires VPNs, such as Russia, China, and Turkey. Users reported “403 Error” messages during the downtime. SoundCloud later clarified on X (formerly Twitter) that these disruptions were the result of urgent configuration changes made to strengthen system defenses in response to the incident.
Following containment of the breach, SoundCloud faced multiple denial‑of‑service (DoS) attacks that temporarily disrupted web access. While the platform remains available through its apps and website, the company has urged users to remain vigilant against phishing attempts, a common consequence of data breaches. SoundCloud recommends that all users update their passwords and enable two‑factor authentication to bolster account security.
