Severe outages and VPN connection issues over the past few days were caused by a security breach in which threat actors stole a database from Audio streaming platform SoundCloud. SoundCloud confirmed these outages exposed users’ email addresses and profile information. Reports came in light when users who were unable to access SoundCloud when connecting via VPN, with attempts resulting in the site displaying 403 “forbidden” errors.

SoundCloud hosts over 400 million tracks from 40 million global creators. According to third-party estimates, the platform could have around 140 million total users.

As per the company information, users who were unable to access SoundCloud when connecting via VPN, with attempts resulting in the site displaying 403 “forbidden” errors. As per Bleeping computers reporting the breach affected 20% of SoundCloud’s users, which, based on publicly reported user figures, could impact roughly 28 million accounts.

Rise in Cyber threats & Cyber Attacks in 2025

As per ITRC surveyed 662 small business owners or executives at a company of 500 or fewer employees. According to the responses, cyberattacks are a near-universal threat, with a shift toward Artificial Intelligence (AI) powered attacks. Eighty-one 81% of small businesses reported suffering a security breach, a data breach or both in the past year. AI-powered attacks were identified as a root cause in more than 40% of cyber events, a pivot from internal risks to external, technologically advanced adversaries.

Attack Type SoundCloud faced: DDoS Attack

The attack, SoundCloud experienced is denial-of-service attacks that temporarily disabled the platform’s web availability. 

SoundCloud detected suspicious activity in an ancillary service dashboard, triggering immediate incident response protocols as the platform faced two DDoS attacks. Security teams contained the breach swiftly and enlisted third-party cybersecurity experts for a forensic investigation.

As damage control exercise was initiated the platform faced two DDoS attacks, that briefly disrupted web access, though mobile and API services remained operational.

SoundCloud include third-party cybersecurity experts, the company said it took additional steps to strengthen its security, including improving monitoring and threat detection, reviewing identity and access controls, and conducting an assessment of related systems.

However, the company’s response included a configuration change that disrupted VPN connectivity to the site. SoundCloud has not provided a timeline for when VPN access will be fully restored.

Key Step SoundCloud Initiated to Bolster Cyber Defense

• No credentials or details were involved, reducing risks like account takeovers or financial fraud.
• SoundCloud bolstered defenses by enhancing monitoring
• Improving threat detection, identity access controls
• Auditing related systems and upgrades caused transient VPN connectivity issues for some users, which teams are resolving.
• Further SoundCloud urged users on strict vigilance on any phishing activity recommending multi-factor authentication (MFA) and monitoring for suspicious emails.

VPN Attacks growing for Phishing & Ransomware

VPN attacks demonstrate the persistence of attackers and their ability to leverage available tools to mask their activities. VPNs became a primary attack vector for ransomware campaigns, with attackers exploiting vulnerabilities to gain initial access and move laterally within networks

There is persistent risks to creative platforms as wide public data fuel these platforms and these are targeted for phishing. As ransomware and supply chain attacks evolve so are music streaming services facing cyber threats and scrutiny.

As SoundCloud disclosed the cyber incident proactively within 6 hrs, the disclosure aligns with best practices from CISA and NIST, potentially averting larger fallout.

From this cyber incident, SoundCloud, made some configuration changes to its systems and says they “caused some users on VPNs to experience temporary connectivity issues.”

As per the company it is confident the attackers’ access has been fully shut down. “We are confident that any access to SoundCloud data has been curtailed.

Still any exposure of user’s data is a matter of grave concern, giving more confidence to cyber intruders towards creative platforms as SoundCloud.

(Source: Identity Theft Resource Center 2025 Business Impact Report: Costs from Cybercrimes Are Being Passed to Consumers)

(Source: SoundCloud confirms breach after member data stolen, VPN access disrupted)