SoundCloud Data Breach Exposes User Info, Disrupts VPN Access
▼ Summary
– SoundCloud experienced a security breach where threat actors stole a database containing users’ email addresses and publicly visible profile information.
– The company confirmed no sensitive financial or password data was accessed, and unauthorized access to its systems has been blocked.
– The breach is reported to affect roughly 28 million accounts, which is about 20% of SoundCloud’s user base.
– In response, SoundCloud strengthened its security but a configuration change disrupted VPN access, causing 403 errors for VPN users.
– The extortion gang ShinyHunters is allegedly responsible for the breach and is now attempting to extort SoundCloud.
The recent disruption affecting SoundCloud users, particularly those connecting through VPN services, has been officially linked to a security incident. The audio streaming platform confirmed that unauthorized access to an internal dashboard led to the theft of a user database. This breach resulted in the exposure of email addresses and publicly visible profile information for a significant portion of the platform’s user base. While the company states that no sensitive financial data or passwords were compromised, the incident has raised concerns and caused notable service interruptions.
Over the past several days, numerous users reported being unable to access SoundCloud when using a Virtual Private Network. Attempts to connect were met with 403 “forbidden” error messages, effectively blocking their access. The company has now clarified that these connectivity issues were a direct side effect of its emergency security response. In an effort to contain the breach and prevent further unauthorized access, SoundCloud implemented configuration changes that inadvertently disrupted legitimate VPN traffic. The platform has not yet provided a specific date for when full VPN functionality will be reinstated.
According to the company’s investigation, the threat actor gained access to what it describes as “certain limited data.” The compromised information is said to consist solely of email addresses and details already available on public user profiles. SoundCloud emphasized that sensitive data, including payment information and account passwords, remained secure and was not accessed during the intrusion. The company worked with external cybersecurity experts to address the vulnerability, taking steps to enhance monitoring, review access controls, and assess related systems to prevent future incidents.
Independent reports suggest the scale of the breach is substantial, potentially affecting approximately 28 million user accounts. This figure represents an estimated twenty percent of SoundCloud’s total user base. Following its initial containment efforts, the platform also faced denial-of-service attacks that temporarily impacted website availability, compounding the service instability experienced by users. The company maintains that all unauthorized access to its systems has now been successfully blocked and that there is no ongoing threat to the platform’s security.
While SoundCloud has not publicly identified the perpetrators, sources indicate that the notorious ShinyHunters extortion gang is responsible. This group is allegedly behind the theft of the user database and is now attempting to extort the company. The same threat actor has been linked to other high-profile data breaches reported recently, highlighting a pattern of targeting large online platforms. SoundCloud has published a security notice acknowledging the incident and reassuring users that it continues to monitor the situation closely as its investigation proceeds.
(Source: Bleeping Computer)
