In December 2025, music streaming platform SoundCloud disclosed a big information breach affecting roughly 29.8 million person accounts.
The unauthorized entry compromised personally identifiable info (PII), together with electronic mail addresses, usernames, show names, avatars, follower statistics, and geographic location information.
The incident represents probably the most vital music platform breaches in recent times, impacting roughly 20% of SoundCloud’s complete person base.
SoundCloud’s safety workforce recognized unauthorized exercise on its platform throughout December 2025, prompting an instantaneous investigation into the scope and nature of the compromise.
The attackers used a flaw that permit them join public profile info to person electronic mail addresses and accumulate it in massive quantities.Following the invention, SoundCloud initiated incident response procedures and notified affected customers of the safety incident.
Uncovered Information and Assault Methodology
The compromised dataset contained 30 million distinctive electronic mail addresses linked to person accounts, alongside related profile info.
Particularly, the breach included usernames, show names, avatar pictures, follower and following counts, and in some instances, person nation info.
No passwords or fee particulars had been stolen, however combining emails with profile information will increase the chance of phishing and account takeovers.
The attackers demonstrated a scientific strategy by accessing and exfiltrating massive quantities of publicly out there information.
Suggesting both credential compromise or exploitation of an API vulnerability that permitted unauthorized bulk information extraction.
Following the info exfiltration, the menace actors contacted SoundCloud, demanding monetary compensation in change for non-disclosure of the stolen dataset.
When SoundCloud declined the extortion demand, the attackers subsequently launched the compromised information publicly, rising publicity dangers for affected customers.
Affect and Suggestions
The breach carries vital implications for person privateness and safety. E mail addresses linked to SoundCloud usernames considerably enhance the chance of focused phishing and social engineering assaults.
Affected customers are suggested to verify for potential publicity utilizing providers akin to HaveIBeenPwned. Attackers can leverage this information to conduct credential-stuffing assaults on different platforms the place customers could reuse electronic mail addresses.
SoundCloud has suggested affected customers to observe their accounts for suspicious exercise and implement further safety measures.
Customers ought to allow two-factor authentication (2FA) on their SoundCloud accounts and think about altering passwords on different platforms in the event that they reused credentials.
Organizations with worker accounts ought to evaluate entry logs for unauthorized exercise and think about implementing email-based threat-detection insurance policies to establish suspicious account entry patterns.
Observe us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.
