Hackers have stolen the private and get in touch with data belonging to over 29.8 million SoundCloud consumer accounts after breaching the audio streaming platform’s programs.
SoundCloud was based in 2007 as an artist-first platform that now gives entry to over 400 million tracks from greater than 40 million artists worldwide.
The corporate confirmed the breach on December 15, following widespread studies from customers who have been unable to entry SoundCloud and noticed 403 “Forbidden” errors when connecting through VPN.
SoundCloud advised BleepingComputer on the time that it had activated its incident response procedures after detecting unauthorized exercise involving an ancillary service dashboard.
“We perceive {that a} purported risk actor group accessed sure restricted knowledge that we maintain,” SoundCloud mentioned. “We have now accomplished an investigation into the information that was impacted, and no delicate knowledge (reminiscent of monetary or password knowledge) has been accessed. The information concerned consisted solely of e mail addresses and data already seen on public SoundCloud profiles.”
Whereas SoundCloud did not present additional particulars concerning the incident, BleepingComputer discovered that the breach affected 20% of all SoundCloud customers, roughly 28 million accounts based mostly on publicly reported consumer figures (SoundCloud later printed a security discover confirming the knowledge supplied by BleepingComputer’s sources).
After the breach, BleepingComputer additionally discovered that the ShinyHunters extortion gang was accountable for the assault, with sources saying that the risk group was additionally trying to extort SoundCloud. This was confirmed by SoundCloud in a January 15 replace, which mentioned the risk actors had “made calls for and deployed e mail flooding techniques to harass customers, workers, and companions.”
Though SoundCloud has but to share what number of customers’ knowledge was stolen, data breach notification service Have I Been Pwned revealed the extent of the breach on Monday, reporting that it affected 29.8 million accounts whose e mail addresses, geographic places, names, usernames, and profile statistics have been harvested within the incident.
“In December 2025, SoundCloud introduced it had found unauthorised exercise on its platform. The incident allowed an attacker to map publicly out there SoundCloud profile knowledge to e mail addresses for about 20% of its customers,” mentioned data breach notification service Have I Been Pwned.
“The impacted knowledge included 30M distinctive e mail addresses, names, usernames, avatars, follower and following counts and, in some instances, the consumer’s nation. The attackers later tried to extort SoundCloud earlier than publicly releasing the information the next month.”
BleepingComputer reached out to SoundCloud once more right now with questions concerning the December incident, however a response was not instantly out there.
Final week, ShinyHunters additionally claimed accountability for a wave of ongoing voice phishing assaults focusing on single sign-on (SSO) accounts at Okta, Microsoft, and Google, which might allow attackers to breach company SaaS platforms and steal knowledge for extortion.
As MCP (Mannequin Context Protocol) turns into the usual for connecting LLMs to instruments and knowledge, security groups are shifting quick to maintain these new providers secure.
This free cheat sheet outlines 7 finest practices you can begin utilizing right now.
