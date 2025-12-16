Following a period of instability over the last few days, SoundCloud has confirmed a data breach by “a purported threat actor group”. The streaming service says that it “detected unauthorized activity in an ancillary service dashboard” and that an investigation found that “certain limited data that we hold” had been accessed.

SoundCloud says that while around 20 percent of users’ data was involved, “the data involved consisted only of email addresses and information already visible on public […] profiles”.

While SoundCloud is quick to stress that the issue has now been resolved and that there is no ongoing risk to security, it provides some detail about what happened and how it responded.

No information about who may have been responsible have been release yet, but SoundCloud says:

What Happened

SoundCloud recently detected unauthorized activity in an ancillary service dashboard. Upon making this discovery, we immediately activated our incident response protocols and promptly contained the activity. We also engaged leading third-party cybersecurity experts to assist in a thorough investigation and response. Following the containment, SoundCloud experienced denial of service attacks, two of which were able to temporarily disable our platform's availability on the web only.

We understand that a purported threat actor group accessed certain limited data that we hold. We have completed an investigation into the data that was impacted, and no sensitive data (such as financial or password data) has been accessed. The data involved consisted only of email addresses and information already visible on public SoundCloud profiles and affected approximately 20% of SoundCloud users.

We are confident that any access to SoundCloud data has been curtailed.

The company goes on to talk a bit about what it did upon learning about the incident:

How We Responded

Working with independent cybersecurity experts, we have taken immediate steps to further strengthen our systems, including: enhancing our monitoring and threat-detection, reviewing and reinforcing identity and access controls and conducting a comprehensive audit of related systems. As part of these updates, some configuration changes have caused some users on VPNs to experience temporary connectivity issues. We are actively working to resolve these VPN related access issues.

The article concludes with a “What You Can Expect Next” section:

Protecting the privacy and security of our users, employees and partners remains our highest priority. We’ll continue to share updates as we learn more and are committed to keeping you informed. We’re taking steps to reduce the risk of similar issues in the future.

As always, we recommend our users to follow general best online security practices, remain vigilant and be aware of phishing attempts.