SoundCloud data breach reaches 29.8 million users in a major cyberattack

Founded in 2007, SoundCloud has evolved into an artist-first service hosting more than 400 million tracks from more than 40 million creators. This scale makes this incident particularly alarming. SoundCloud said it detected unauthorized activity associated with its internal service dashboard and launched an incident response process. At the time, users reported 403 Forbidden errors, especially when connecting via VPNs.

SoundCloud confirmed unauthorized activity after users reported access errors, triggering an internal incident response. (Istock)

What data was exposed in the SoundCloud breach

SoundCloud initially said the attackers accessed limited data and did not touch passwords or financial information. The company said the information exposed matches what users already show to the public on profiles.

Subsequent discoveries painted a much bigger picture.

According to Have I Been Pwned, attackers collected data from approximately 29.8 million accounts. That data included:

  • Email addresses
  • Usernames and display names
  • Personal photos and avatars
  • Follower and following counts
  • Geographic locations in some cases

While passwords were not taken, linking email addresses to public profiles creates real risks. This combination fuels phishing, impersonation, and targeted scams.

Who is behind the attack?

Security researchers linked the hack to ShinyHunters, a well-known extortion gang. Sources told BleepingComputer that the group attempted to blackmail SoundCloud after the data breach. SoundCloud later confirmed these claims. In a January update, the company said attackers made demands and launched email flood campaigns to harass users, employees, and partners. ShinyHunters also claimed responsibility for recent voice phishing attacks targeting single sign-on systems at Okta, Microsoft, and Google. These attacks targeted companies’ SaaS accounts for data theft and extortion.

Why this hack matters even without passwords

At first glance, this may seem less serious than breaches involving passwords or credit cards. This assumption can be dangerous. Email addresses linked to real profiles allow scammers to craft convincing messages. They can pose as SoundCloud, brands, or even other content creators. With follower numbers and usernames, messages feel personal and believable. Once attackers gain trust, they spread links, malware, or fake login pages. This is how larger account takeovers begin.

What should SoundCloud users expect next

SoundCloud has not said whether more details will be released. The company confirmed the attack and attempted extortion, but did not answer follow-up questions about the scope or internal controls. For users, the long-term risks come from how widely this data set spreads. Once published, exposed data rarely disappears. It circulates through forums, marketplaces and scam networks for years.

We reached out to SoundCloud for comment, and a representative told us: “We are aware that a group of threat actors has posted data online allegedly taken from our organization. Please know that our security team—backed by leading third-party cybersecurity experts—is actively reviewing the claim and posted data.”

SoundCloud said it found no evidence of access to sensitive data, such as passwords or financial information.

Ways to stay safe after the SoundCloud hack

If you have or have had a SoundCloud account, now is the time to act. Even limited data exposure can lead to targeted scams if you ignore it.

1) Watch for phishing and impersonation emails

Fraudsters often move quickly after a hack. Monitor your inbox for messages mentioning SoundCloud, music uploads, copyright issues, or account warnings. Don’t click on links or open attachments from unexpected emails. When in doubt, go directly to the official website instead of using email links. Strong antivirus software adds another layer of protection here.

Emails and public profile data of nearly 29.8 million accounts were collected, raising concerns about phishing and impersonation. (Cyberguy.com)

The best way to protect yourself from malicious links that install malware, and potentially access your private information, is to install strong antivirus software on all your devices. This protection can also alert you to phishing emails and ransomware, keeping your personal information and digital assets safe.

2) Change your SoundCloud password anyway

Passwords weren’t exposed, but it’s still smart to change yours. Create a new password that you don’t use anywhere else. If remembering passwords is impossible, consider using a password manager to create strong passwords and store them securely. This reduces the risk of cross-platform reuse.

Next, check if your email has been exposed in previous breaches. Our #1 password manager pick (see Cyberguy.com) includes a built-in breach scanner that checks if your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

3) Turn on two-factor authentication

Two-factor authentication (2FA) adds a crucial barrier if someone tries to access your account. Even if attackers guess the password or get it later, they still need a second verification step. Enable two-factor authentication (2FA) anywhere offered by SoundCloud or connected services.

4) Secure your email account

Your email is the real target after most breaches. If someone gains access to it, they can reset passwords elsewhere. Use a strong, unique password for your email account and turn on two-factor authentication. Review your account recovery emails and phone numbers to make sure they still belong to you.

5) Reduce your online data footprint

Attackers use compromised emails to search data broker websites and social platforms for more details. The less data available, the harder it is to target. Consider using a data removal service to limit the number of times your email and personal details appear across the web.

While no service can guarantee complete removal of your data from the Internet, a data removal service is truly a smart choice. It’s not cheap, and neither is your privacy. These services do all the work for you by systematically monitoring and removing your personal information from hundreds of websites. This gives me peace of mind and has proven to be the most effective way to clear your personal data from the Internet. By limiting the information available, you reduce the risk of fraudsters cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

6) Check your other accounts for any suspicious activity

Attackers often reuse exposed email addresses to test logins across streaming services, social media, and shopping accounts. Keep an eye out for password reset emails you didn’t request or login alerts from unfamiliar sites. If something seems off to you, act quickly.

Security researchers linked the hack to extortion group ShinyHunters, which later tried to pressure SoundCloud into paying. (Thomas Trotschl/Photothek via Getty Images)

Kurt’s key takeaways

Data breaches are no longer limited to a single application or a single moment in time. Even when attackers expose seemingly harmless information, the repercussions can be long-lasting. The SoundCloud breach shows how public profile data combined with private contact details creates real exposure. Staying vigilant, limiting data sharing, and using strong security habits remain your best defense as breaches continue to escalate.

Have you checked for old or forgotten accounts that are still exposing your email and could now put you at risk? Let us know your thoughts by writing to us at Cyberguy.com

Copyright 2026 CyberGuy.com. All rights reserved.