SoundCloud confirms data breach - user info stolen, here's what you need to know


  • SoundCloud confirms unauthorized system access and data breach
  • Some 20% of its users had their emails and public information nabbed
  • Sources claim attack was carried out by ShinyHunters

SoundCloud has confirmed suffering a cyberattack in which it lost sensitive data on about a fifth of its user base.

In a data breach notification posted on its website, SoundCloud said it “recently” detected unauthorized activity in an ancillary service dashboard.

A subsequent investigation discovered a “threat actor group” accessed certain data, which mostly includes user emails and information otherwise visible on public SoundCloud profiles. The company said the breach affected roughly 20% of its users which, according to multiple sources, equals roughly 28 million users.

VPN woes

"We understand that a purported threat actor group accessed certain limited data that we hold," the company said.

"We have completed an investigation into the data that was impacted, and no sensitive data (such as financial or password data) has been accessed. The data involved consisted only of email addresses and information already visible on public SoundCloud profiles and affected approximately 20% of SoundCloud users."

SoundCloud also brought in a third-party cybersecurity company to assist with the analysis and containment and said that after the threat had been eliminated, the attackers engaged in multiple denial-of-service attacks. Two of them succeeded in temporarily disabling SoundCloud’s availability on the web.

There were also issues for users accessing the platform via VPN. As explained by CyberInsider, SoundCloud is accessible globally but faces restrictions in certain regions, which is why a VPN is essential for some users.

Those users were seeing '403 ERROR - The request could not be satisfied' messages when trying to connect this way. At first, users believed this was due to geoblocking or IP filtering changes, but it was later explained that it was caused by security hardening measures SoundCloud implemented after the breach.

Although it wasn’t explained in detail, it is possible that the hardening altered filtering rules or Web Application Firewall (WAF) policies. SoundCloud said it was currently working on fixing this problem.

The company did not name the threat actors behind this attack but the media are reporting that this was the work of ShinyHunters, a ransomware group known for avoiding the encryption part, and focusing solely on data exfiltration. The group is reportedly now negotiating a ransom payment with SoundCloud, but this information was not confirmed publicly.



Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
