SoundCloud user information was likely hacked, and the company acknowledges that past service outages and VPN connection issues were caused by security breaches.

Music streaming service SoundCloud has admitted that its database was breached. While no sensitive data was affected, users' email addresses and other personal information were stolen.

SoundCloud confirms breach after member data stolen, VPN access disrupted

For several days from mid-December 2025, SoundCloud experienced issues such as intermittent service outages and poor connection via VPN, leading to widespread distrust among users. Users who were unaware of the situation lamented, saying, 'Because my country is blocking access to SoundCloud, my only reliance was on VPN.'

However, technology media outlet BleepingComputer reported that SoundCloud was subject to unauthorized access during the period in question.

In a statement shared with BleepingComputer, SoundCloud said that after detecting that an attacker had accessed some of its data, it activated its incident response procedures and blocked all unauthorized access.

SoundCloud described the data breach as 'limited in scope.' It said that while it did not confirm that data such as financial information or passwords were accessed, email addresses and information already available on public SoundCloud profiles may have been stolen.

SoundCloud says the breach affected 20% of its users, and based on publicly available user counts, it's likely that around 28 million accounts are affected.

SoundCloud explained that it has 'worked with third-party cybersecurity experts to take additional steps to strengthen its security, including increasing monitoring and threat detection, reviewing identity and access controls, and conducting an assessment of related systems.'

Although the service has resumed, VPN connections have been completely cut off, and at the time of writing, no specific timetable for their resumption has been decided.

SoundCloud has not shared details about the attackers, but BleepingComputer has received information that a group called 'ShinyHunters' is involved.

ShinyHunters is also the group behind the Pornhub data breach that occurred around the same time as SoundCloud, and previously claimed to have stolen the personal information of approximately 560 million people from Ticketmaster, a major ticket sales platform.

Hacker group 'ShinyHunters' claims to have stolen 560 million user data from Ticketmaster, experts warn of further cyberattacks - GIGAZINE