In December 2025, Soundcloud was hacked by a group called ShinyHunters. They were able to gain access through a service dashboard. Fortunately, no passwords were compromised, but emails and profile information were extracted.  A statement from Soundcloud said that 20% of the total users’ information was accessed. According to BleepingComputer, the group initially tried to extort Soundcloud to prevent the release of the information. After failing to do so, the group released the information online. On January 28, 2026, haveibeenpwned.com added the breach containing 29.8 million users to their database. Using their database, you can check to see if you were part of the 20% affected.

Although no sensitive information was accessed, enough information was accessed that could cause problems. This information could allow attackers to craft convincing phishing attacks toward the affected users. As the information is now publicly available, attackers can use the email addresses to launch massive campaigns in an attempt to trick users logging into fake websites or downloading malware.