Audio streaming platform SoundCloud has confirmed it experienced a significant security breach, resulting in widespread service disruptions over the past several days. Users attempting to access the platform, particularly via VPNs, reported repeated connectivity failures and error messages, leaving many unable to stream or upload content. Following an internal investigation, SoundCloud revealed that the incident involved unauthorized access to a portion of its user data, though no sensitive financial or password information appears to have been compromised.
A Persistent Cyber Extortion Threat
While SoundCloud has not officially attributed the attack, multiple security sources point to the cyber extortion group ShinyHunters as the likely perpetrator. Formed around 2020, ShinyHunters is known for targeting large organizations and demanding ransoms in exchange for stolen data. The group has previously been linked to high-profile breaches, including the recent compromise of PornHub’s user database, highlighting its ongoing focus on prominent platforms with vast user bases.
The Breach: Discovery, Scope, and Impact
The intrusion at SoundCloud was traced to unauthorized activity within an ancillary service dashboard, prompting the company to immediately activate its incident response protocols and engage third-party cybersecurity specialists. Preliminary investigations indicate that roughly 20% of SoundCloud’s users were affected, translating to an estimated 28 million accounts. The exposed information was limited to email addresses and data already visible on public user profiles, with no financial or password details accessed.
In the wake of the breach, SoundCloud implemented security measures to contain the activity, including reviewing identity and access controls, strengthening threat monitoring, and making configuration changes that inadvertently disrupted VPN connectivity. These adjustments, while necessary for security, caused temporary accessibility issues for users in regions where VPNs are commonly used to reach the platform.
Complicating the situation, SoundCloud subsequently experienced multiple denial-of-service (DoS) attacks. Two of these incidents temporarily disabled the website, further impacting users’ ability to access the service through web browsers. Despite these challenges, the company confirmed that access through its mobile and desktop apps remained largely unaffected once the immediate attacks subsided.
Ransom Demands and Ongoing Risks
Following the breach, ShinyHunters is reportedly seeking to extort SoundCloud, threatening to release the stolen user data unless a ransom is paid. Although the full extent of the extortion attempt remains unclear, the company has emphasized that no sensitive personal or financial information was taken, reducing the potential severity of any public disclosure. Nevertheless, SoundCloud has advised users to remain vigilant for phishing attempts and to enable two-factor authentication to enhance account security.

