Have I Been Pwned: SoundCloud data breach impacts 29.8 million accounts

Brownie2019

Hackers have stolen the personal and contact information belonging to over 29.8 million SoundCloud user accounts after breaching the audio streaming platform's systems.
SoundCloud was founded in 2007 as an artist-first platform that now provides access to over 400 million tracks from more than 40 million artists worldwide.
The company confirmed the breach on December 15, following widespread reports from users who were unable to access SoundCloud and saw 403 "Forbidden" errors when connecting via VPN.
SoundCloud told BleepingComputer at the time that it had activated its incident response procedures after detecting unauthorized activity involving an ancillary service dashboard.
"We understand that a purported threat actor group accessed certain limited data that we hold," SoundCloud said. "We have completed an investigation into the data that was impacted, and no sensitive data (such as financial or password data) has been accessed. The data involved consisted only of email addresses and information already visible on public SoundCloud profiles."
While SoundCloud didn't provide further details regarding the incident, BleepingComputer learned that the breach affected 20% of all SoundCloud users, roughly 28 million accounts based on publicly reported user figures (SoundCloud later published a security notice confirming the information provided by BleepingComputer's sources).
After the breach, BleepingComputer also learned that the ShinyHunters extortion gang was responsible for the attack, with sources saying that the threat group was also attempting to extort SoundCloud. This was confirmed by SoundCloud in a January 15 update, which said the threat actors had "made demands and deployed email flooding tactics to harass users, employees, and partners."

Although SoundCloud has yet to share how many users' data was stolen, data breach notification service Have I Been Pwned revealed the extent of the breach on Monday, reporting that it affected 29.8 million accounts whose email addresses, geographic locations, names, usernames, and profile statistics were harvested in the incident.
"In December 2025, SoundCloud announced it had discovered unauthorised activity on its platform. The incident allowed an attacker to map publicly available SoundCloud profile data to email addresses for approximately 20% of its users," said data breach notification service Have I Been Pwned.
"The impacted data included 30M unique email addresses, names, usernames, avatars, follower and following counts and, in some cases, the user's country. The attackers later attempted to extort SoundCloud before publicly releasing the data the following month."
BleepingComputer reached out to SoundCloud again today with questions about the December incident, but a response was not immediately available.
Last week, ShinyHunters also claimed responsibility for a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, which could enable attackers to breach corporate SaaS platforms and steal data for extortion.
 
This kind of stuff is not even newsworthy any longer (no offense to OP intended). Just assume your data is stolen and already on the Dark Web (because it is).

It's all just website click-bait now. The worst compromises almost never get reported and reported on, because the organizations don't want the compromises revealed.

Shrug_Emoji.gif
 

Remediation & Recovery

Based on NIST 800-61r3 (Incident Handling) and identity security best practices.

Identity Verification
Check Have I Been Pwned to confirm if your specific email was included in the SoundCloud breach.

Password Hygiene
While passwords were not explicitly stolen in this incident, users should immediately change passwords on any accounts that share the same credentials used for SoundCloud.

MFA Implementation
Enable Multi-Factor Authentication (MFA) on all linked accounts (Google, Facebook, etc.) used to sign into SoundCloud to prevent session hijacking.

Phishing Awareness
Be vigilant for sophisticated phishing attempts that leverage your SoundCloud username or country data to appear legitimate.

Post-Incident Hardening

To prevent recurrence and mitigate the impact of similar ancillary service breaches, organizations should adopt CIS Critical Security Control 6: Access Control Management. Specifically, ensure that all administrative and ancillary service dashboards are protected by phishing-resistant MFA (such as FIDO2/WebAuthn) and restricted via IP allowlisting or a Zero Trust Network Access (ZTNA) solution to prevent unauthorized external access.

References

BleepingComputer
Have I Been Pwned: SoundCloud data breach impacts 29.8 million accounts

Have I Been Pwned
SoundCloud Breach Disclosure

NIST SP 800-61 Rev. 3
Computer Security Incident Handling Guide.
 
The SoundCloud case just confirms what many of us already suspect: attacks aren’t the exception, they’re the rule. And let’s be honest—half the time we don’t even hear about them because the company prefers to “negotiate” quietly. Colonial Pipeline in 2021 paid millions in crypto to get its systems back, Garmin in 2020 also reportedly went down that road… and those are only the ones that made headlines.

So when a platform tells us “don’t worry, only emails and public data were exposed,” you really don’t know whether to laugh or cry. Because behind the curtain there’s usually a group like ShinyHunters pushing extortion, while the company tries to keep the scandal under wraps.

Bottom line: your data is already on the Dark Web, probably alongside other breaches we’ll never hear about. Transparency in cybersecurity is like a unicorn—everyone talks about it, nobody’s ever seen one. 🦄
 