SoundCloud Data Breach Exposes User Emails and Profile Information (December 2025)

Audio streaming platform SoundCloud confirmed on December 16, 2025, that it suffered a security breach resulting in the theft of a database containing user email addresses and profile information. The incident also caused outages and disrupted VPN connections over the past few days.

Details of the Vulnerability

Threat actors gained unauthorized access to SoundCloud’s systems, stealing a database with user data. The breach impacted approximately 20% of users (estimated 28 million accounts based on public figures). No payment or password information was compromised.

Impact and Recommendations

• Exposes email addresses and profile details to potential phishing or spam
• Caused service outages and VPN disruptions
• Affects roughly 28 million user accounts
• Change passwords if reused elsewhere and enable 2FA
• Monitor for phishing attempts targeting exposed emails

The data involved consisted only of email addresses and information already visible on public SoundCloud profiles.

SoundCloud

Source and full details:

Read the full report on BleepingComputer here:

https://www.bleepingcomputer.com/news/security/soundcloud-confirms-breach-after-member-data-stolen-vpn-access-disrupted