SoundCloud Hit by Data Breach and DoS Attacks

Summary
– SoundCloud confirmed a data breach where an unauthorized group accessed email addresses and public profile data for about 20% of its users.
– The company stated that no financial data, passwords, or other sensitive information was compromised in this incident.
– Following the breach, SoundCloud experienced denial-of-service attacks that temporarily made the platform unavailable, especially for web users.
– The connectivity issues some users faced were due to configuration changes SoundCloud implemented in response to these attacks.
– A cyber extortion group is suspected, but it is unclear if the same group is responsible for both the breach and the DoS attacks.
The popular audio streaming platform SoundCloud has confirmed a significant security incident involving both a data breach and a series of disruptive denial-of-service (DoS) attacks. This news follows user reports of connectivity problems, particularly for those accessing the service through VPNs, which the company has now linked to defensive configuration changes made in response to the attacks.
The breach involved unauthorized access to an ancillary service dashboard. SoundCloud’s security team detected the suspicious activity and immediately activated its incident response plan, bringing in external cybersecurity experts to assist. The investigation revealed that a threat actor managed to obtain data from approximately 20% of SoundCloud’s user base. Crucially, the compromised information was limited to email addresses and data already publicly visible on user profiles. The company has stated that financial information, passwords, and other sensitive data were not accessed, and it believes the attackers no longer have any access to internal systems.
Separately, the platform was subjected to multiple denial-of-service attacks that caused temporary outages, making the website unavailable for some users. SoundCloud is officially blocked in several countries, including Russia, mainland China, and Turkey, leading many users in those regions to rely on VPNs. The service disruptions initially sparked fears that SoundCloud had begun permanently blocking VPN access, but the company clarified the issues were attack-related. The platform is currently accessible again via both web and mobile apps, indicating the attacks have subsided or been mitigated.
While SoundCloud has not publicly identified the perpetrators, cybersecurity researchers point to the ShinyHunters cyber extortion group as being responsible. This group is reportedly attempting to extort payment from SoundCloud in exchange for not leaking the stolen data. It remains unclear if the same group is behind both the data breach and the subsequent DoS attacks. SoundCloud has pledged to keep users informed as the investigation progresses and is implementing measures to bolster its defenses against future threats.
(Source: HelpNet Security)





