- SoundCloud confirms unauthorized system access and data breach
- Around 20% of its users had their emails and public information intercepted
- Sources claim attack was carried out by ShinyHunters
SoundCloud has confirmed that it suffered a cyberattack in which it lost sensitive data on around a fifth of its user base.
In a data breach notification posted to its website, SoundCloud said it “recently” detected unauthorized activity in an ancillary service dashboard.
A subsequent investigation discovered that a “threat actor group” had accessed certain data, which primarily includes user emails and information otherwise visible on public SoundCloud profiles. The company said the breach affected about 20% of its users, which multiple sources say equates to about 28 million users.
VPN issues
“We understand that an alleged threat actor group has accessed some limited data that we hold,” the company said.
“We conducted an investigation into the data involved, and no sensitive data (such as financial data or passwords) was accessed. The data involved consisted only of email addresses and information already visible on public SoundCloud profiles and affected approximately 20% of SoundCloud users.”
SoundCloud also brought in a third-party cybersecurity company to help with analysis and containment and said that once the threat was eliminated, the attackers engaged in several denial-of-service attacks. Two of them managed to temporarily disable SoundCloud’s availability on the web.
There were also issues for users accessing the platform via VPN. As explained CyberInsiderSoundCloud is accessible worldwide but faces restrictions in some regions, which is why VPN is essential for some users.
These users were seeing “ERROR 403 – The request could not be fulfilled” messages when trying to connect this way. At first, users thought this was due to geo-blocking or changes to IP filtering, but it was later explained that this was due to security enhancement measures implemented by SoundCloud after the breach.
Although it has not been explained in detail, it is possible that the changes have changed filtering rules or Web Application Firewall (WAF) policies. SoundCloud said it is currently working to resolve this issue.
The company has not named the perpetrators of this attack, but media reports say it was the work of ShinyHunters, a ransomware group known for avoiding the encryption part and focusing solely on data exfiltration. The group is reportedly negotiating a ransom payment with SoundCloud, but this information has not been publicly confirmed.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
