SoundCloud has revealed that a data breach has impacted around 20% of its users, with hackers gaining access to email addresses and public profile details through unauthorized actions in one of its service dashboards.
The breach is now under control, but it coincided with significant disruptions in VPN access and denial-of-service attacks that temporarily hindered the platform’s operation.
In a statement released, the company explained that internal systems flagged unusual activity linked to a secondary dashboard.
SoundCloud quickly implemented its incident response plan, secured the affected systems, and brought in external cybersecurity experts to conduct a comprehensive investigation.
They assured users that no sensitive information, such as passwords or financial details, was compromised during this incident.
The compromised data primarily consists of email addresses and profile information that users have already made public on the platform.
With SoundCloud’s user base estimates, this breach could potentially affect about 28 million accounts. The company confirmed that there is no ongoing threat and that all unauthorized access has been shut down.
After the breach was contained, SoundCloud experienced several denial-of-service attacks, with two of them successfully disrupting access to the platform for a brief period.
Although the company did not directly link these attacks to the same perpetrators, the timing indicates a possible coordinated effort to disrupt the service while recovery was underway.
Founded in Berlin, SoundCloud serves as a prominent audio distribution platform, popular among independent musicians, podcasters, and content creators. While it is available globally, some regions impose restrictions, making VPN usage crucial for users in those areas.
Reports began to emerge over the weekend about SoundCloud users encountering “403 ERROR – The request could not be satisfied” messages when connecting through VPNs. Initially, users thought this might be due to geoblocking or IP filtering changes.
SoundCloud later clarified that the VPN issues were unintentional and arose from configuration adjustments made as part of their enhanced security measures following the breach.
These changes likely involved stricter filtering rules or modifications to the Web Application Firewall (WAF), which inadvertently blocked some users relying on VPNs or proxy services. The company is currently working to fix these connectivity issues.
While SoundCloud has not disclosed the identity of the attackers, reports from BleepingComputer suggest that the notorious data extortion group ShinyHunters might be behind the incident, based on information from an unnamed source.
If you enjoyed this article, consider following us on X/Twitter and LinkedIn for more exclusive updates and content.
Other Stories You May Like