SoundCloud Confirms Cyberattack, User Data Partially Compromised

SoundCloud has confirmed it was the target of a cyberattack in which hackers gained unauthorized access to data belonging to approximately 20% of the platform’s users. The company said the incident was detected after suspicious activity was identified within an ancillary administrative system, prompting the immediate activation of internal incident response protocols. An investigation carried out with the support of external cybersecurity experts found that the attackers accessed a limited set of data, including email addresses and information already visible on public user profiles.

SoundCloud emphasized that sensitive information such as passwords or financial data was not exposed. Nevertheless, users have been advised to remain vigilant for potential phishing attempts that could follow the incident. With the platform estimated to have more than 100 million users, the breach could affect tens of millions of accounts.

The company stated that the attackers have been removed from its systems, although the platform subsequently faced DDoS attacks, two of which temporarily disrupted the web version of the service. Issues with VPN access reported by users in recent days were linked to security-related configuration changes introduced in response to the incident, and SoundCloud said it is actively working to resolve those problems.