Audio streaming service SoundCloud has suffered a breach and has been repeatedly hit by denial of service attacks, the company confirmed on Monday.
In the days leading up to the confirmation, users accessing SoundCloud through VPNs reported connection failures and error messages.
It has now been revealed that these connectivity issues were due to configuration changes made by SoundCloud in the wake of the attacks, and that the company is working on resolving them.
The breach
“SoundCloud recently detected unauthorized activity in an ancillary service dashboard,” the company stated, and immediately activated its incident response protocols and called in a third-party cybersecurity experts to help with the investigation and response.
“We understand that a purported threat actor group accessed certain limited data that we hold,” the company added.
“The data involved consisted only of email addresses and information already visible on public SoundCloud profiles and affected approximately 20% of SoundCloud users.”
Financial data, passwords or other sensitive data has not been accessed, and the company believes that the attackers no longer have any access to SoundCloud data.
The DoS attacks
SoundCloud is officially blocked in Russia, mainland China, and Turkey, and to access it, users resort to using VPN services.
Its temporary unavailability made users fear that the streaming service had permanently blocked access via VPN.
SoundCloud also confirmed that once the incident had been contained and the attackers booted out, the service was hit by denial of service attacks, two of which made the streaming platform temporarily unavailable for users accessing it via the website.
At the moment, the platform is again available via apps and web, meaning that the service is either no longer being hammered with malicious requests or is able to withstand their onslaught.
SoundCloud did not name the attackers, but according to Lawrence Abrams, it’s the ShinyHunters cyber extortion group and they are trying to get SoundCloud to pay them not to leak the stolen data.
It’s currently unknown whether the breach and the DoS attacks were perpetrated by the same group.
“We’ll continue to share updates as we learn more and are committed to keeping you informed. We’re taking steps to reduce the risk of similar issues in the future,” the company concluded.
Subscribe to our breaking news e-mail alert to never miss out on the latest breaches, vulnerabilities and cybersecurity threats. Subscribe here!
