A significant data breach has impacted approximately 29.8 million SoundCloud user accounts, exposing personal and contact details. The incident, detected in late 2025, allowed attackers to link private email addresses with publicly available profile information, raising concerns about potential phishing and targeted scams.

Key Takeaways

• Nearly 30 million SoundCloud accounts were affected.

• Exposed data includes email addresses, usernames, profile photos, follower counts, and sometimes geographic locations.

• Passwords and financial information were not compromised.

• The breach has been linked to the ShinyHunters extortion group.

The Breach Unveiled

SoundCloud confirmed unauthorized activity after users reported access errors, particularly when using VPNs. The company launched an incident response process, initially stating that only limited data, consistent with public profiles, was accessed. However, later disclosures revealed a much larger scope.

Data Exposed

According to data breach notification service Have I Been Pwned, the attackers harvested data from approximately 29.8 million accounts. This included:

• Email addresses

• Usernames and display names

• Profile photos and avatars

• Follower and following counts

• Geographic locations (in some cases)

While passwords and financial information were not compromised, the combination of email addresses with public profile data creates a significant risk for users.

Attackers and Motivation

Security researchers have tied the breach to ShinyHunters, a known extortion gang. Sources indicate that the group attempted to extort SoundCloud following the data breach. SoundCloud later confirmed that attackers made demands and initiated email-flooding campaigns to harass users, employees, and partners. ShinyHunters has also been linked to recent voice phishing attacks targeting single sign-on systems at major tech companies.

Why This Breach Matters

Even without passwords being exposed, the linking of email addresses to real profiles allows scammers to craft more convincing phishing messages. Attackers can impersonate SoundCloud, brands, or other creators, using follower counts and usernames to make their communications seem personal and believable. This can lead to malware distribution or fake login pages, potentially enabling larger account takeovers.

Protecting Yourself

SoundCloud users are advised to take the following precautions:

1. Watch for Phishing Emails: Be wary of suspicious emails mentioning SoundCloud, account warnings, or copyright issues. Do not click on links or open attachments from unknown senders.

2. Change Your SoundCloud Password: Although passwords were not exposed, it's a good practice to create a new, unique password for your SoundCloud account and any other services where you might have reused it.

3. Enable Two-Factor Authentication (2FA): Add an extra layer of security to your account wherever possible.

4. Secure Your Email Account: Use a strong, unique password and enable 2FA for your primary email account, as it's often the gateway to other services.

5. Reduce Your Online Data Footprint: Consider using data removal services to limit the amount of personal information available online.

6. Monitor Other Accounts: Be vigilant for suspicious activity or password reset emails from other online services, as attackers often test compromised email addresses across multiple platforms.

Sources

• SoundCloud data breach hits 29.8 million users in major cyberattack, Fox News.

• SoundCloud data breach exposes 29.8 million user accounts, Kurt the CyberGuy.

• Have I Been Pwned: SoundCloud data breach impacts 29.8 million accounts, BleepingComputer.

• SoundCloud Data Breach Exposes Nearly 30M User Accounts, TechRepublic.

• Massive SoundCloud Data Breach Exposes Personal Details of 29.8 Million Users, Cyber Press.