SoundCloud has confirmed that the music streaming platform experienced a security incident after hackers managed to break into their systems and steal user information. The announcement came after several days of confusion, with many users reporting they couldn’t access the site, especially those connecting through private networks.
For about four days before the official announcement, SoundCloud users started noticing strange problems. People trying to visit the site while using a private connection service kept getting blocked with an error message that said their request couldn’t be satisfied. Many users took to online forums to complain, wondering why they suddenly couldn’t access their accounts and music libraries. Some long-time users who had been on the platform for over a decade were even asked to verify their email addresses again, which seemed unusual for established accounts.
The company finally broke its silence and explained what happened. According to SoundCloud, they discovered someone had gained unauthorized access to one of their service dashboards. As soon as they noticed this suspicious activity, they activated their emergency response plan and brought in outside security experts to help figure out what went wrong and stop any further damage.
The situation got worse after SoundCloud discovered the break-in. The platform was hit with two separate attacks designed to overwhelm their systems and knock the website offline. These attacks, which flooded the site with so much traffic that regular users couldn’t get through, managed to temporarily disable access to the platform’s website. While the mobile app and other ways of accessing SoundCloud kept working, the main website went down for a period of time.
After investigating what information the hackers managed to take, SoundCloud said the stolen data included email addresses and information that was already visible on people’s public profiles. The company was quick to point out that more sensitive information like passwords and payment details were not accessed during the breach. This is important because it means people’s actual accounts and financial information should still be safe, even though their email addresses are now in the hands of whoever carried out the attack.
The number of people affected by this breach is significant. Reports suggest that roughly 20 percent of SoundCloud’s users had their data stolen, which translates to about 28 million accounts based on the platform’s total user numbers. That’s a substantial portion of the community, and while the company says only public information was taken, having your email address stolen can still lead to problems like spam or targeted phishing attempts.
What’s particularly frustrating for many users is how SoundCloud responded to the security incident. In an attempt to strengthen their defenses and prevent future attacks, the company made changes to how their systems work. Unfortunately, these security improvements ended up causing the very connection problems that users had been experiencing. The changes essentially blocked people using private connection services from accessing the site, even though many of these users rely on such services for legitimate reasons, like privacy protection or accessing the platform from countries where it might be restricted.
The company said they’re actively working to fix the issue so that users can access the platform normally again, but they haven’t given any specific timeline for when things will be back to normal. This lack of clarity has left many users in limbo, unsure of when they’ll be able to use the service the way they used to.
Adding another layer to this story, some security researchers believe they know who’s behind the attack. A group known for stealing data and then demanding payment to keep it secret has been linked to the SoundCloud breach. This same group has been involved in other recent high-profile attacks on different websites and services. If these reports are accurate, SoundCloud might be facing demands for money in exchange for not releasing or selling the stolen information to others.
The timing and coordination of events suggest this was a planned operation. First came the initial break-in to steal user data, then the attacks that knocked the website offline, and now potentially demands for payment. This pattern is unfortunately becoming more common as criminal groups have turned data theft into a business model where they either sell stolen information or extort the companies they’ve hacked.
For SoundCloud users, the company is recommending some basic precautions. They suggest people be extra careful about suspicious emails, especially ones that claim to be from SoundCloud and ask for personal information or passwords. The stolen email addresses could be used to create convincing fake messages designed to trick people into giving up more information. Setting up additional security measures on accounts, like requiring a code from your phone to log in, is also a good idea.
The incident highlights how even platforms dedicated to music and creativity aren’t immune to security problems. SoundCloud has been around since 2008 and has built a community of millions of independent artists and listeners. The platform is particularly popular with musicians who want to share their work directly with fans without going through traditional record labels. This open nature, while great for creators, also means the platform handles a lot of user data and accounts, making it an attractive target for hackers.
SoundCloud says they’ve taken additional steps to prevent similar incidents. They’re improving how they monitor for suspicious activity, reviewing who has access to different parts of their systems, and conducting thorough checks of their security setup. The company has promised to keep users updated as they learn more and work to fix the remaining access issues.
For now, SoundCloud users who can access the platform are able to use it normally for listening to music and uploading content. The main ongoing problem is for those who connect through private networks, will need to either wait for SoundCloud to fix the issue or find alternative ways to access the service.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
