SoundCloud Confirms Cyber Incident Amid Service Interruptions
Overview of the Incident
In recent days, users of SoundCloud, the popular music and audio streaming platform, experienced significant service disruptions, leading to a wave of reports about connection issues, particularly regarding VPN access. The company has since confirmed that it was the target of a cybersecurity incident that involved unauthorized access to user data.
Service Outages and User Impact
SoundCloud’s users reported difficulties logging into the platform, accompanied by multiple VPN connectivity problems. Following these reports, the company issued a statement acknowledging the cyber incident and indicated that some of its data had been accessed and exfiltrated by malicious actors.
In its transparency efforts, SoundCloud detailed that it noticed unauthorized activity on an ancillary service dashboard. Upon discovery, the company promptly activated its incident response protocols to mitigate further damage.
Denial-of-Service Attacks
After addressing the initial breach, SoundCloud faced additional challenges in the form of denial-of-service (DoS) attacks. At least two of these attacks resulted in the temporary shutdown of the website, further compounding user frustration and limiting access.
SoundCloud emphasized that although the breach affected around 20% of its user base, critical sensitive data—such as financial information and passwords—was not compromised. Instead, the exposed data primarily consisted of public email addresses and information that users had already made visible on their profiles.
Details About the Breach
SoundCloud clarified that the breach resulted in limited data exposure. “We understand that a purported threat actor group accessed certain limited data that we hold,” the company stated. Their investigation confirmed that no sensitive data had been accessed, putting users at ease regarding the security of their personal information.
In addressing the aftermath, SoundCloud expressed confidence that it had contained any further access to its systems, although it has since been working with third-party cybersecurity professionals to bolster their defenses.
VPN Connectivity Issues
As part of the ongoing situation, SoundCloud noted that enhancing some of its security systems inadvertently led to additional VPN connectivity problems for users. The platform reassured affected users that they were actively working to resolve these access issues.
Suspicions About the Culprit
While SoundCloud has not definitively identified the attackers, reports from security experts suggest that the infamous hacking group known as ShinyHunters could be involved. Sources cited by security publication BleepingComputer indicate that ShinyHunters may be extorting SoundCloud after they claimed to have accessed a database containing user information.
ShinyHunters, which reportedly emerged in 2020, is known for targeting major corporations and engaging in financially motivated cyber extortion. Although the group initially operated on the well-known hacking forum, BreachForums, recent activities suggest they now collaborate with other cybercriminal entities while occasionally working independently.
The group has previously claimed responsibility for cyber incidents affecting other high-profile platforms, such as PornHub and OpenAI, which adds to the credibility of the speculation surrounding their involvement in the SoundCloud incident.
Conclusion
As SoundCloud navigates the aftermath of this cybersecurity incident, it has prioritized maintaining transparency with its users while taking the necessary steps to strengthen its security posture. The continued investigation and resolution of service disruptions stand at the forefront of the company’s efforts to restore user confidence in its platform.
