SoundCloud
What was exposed
AvatarsEmail addressesGeographic locationsNamesProfile statisticsUsernames
What to do if you were affected
- Expect more phishing and spam at this address. Treat messages that reference this company with extra caution.
- Be wary of targeted scams that use your personal details to sound convincing.
Details
In December 2025, SoundCloud announced it had discovered unauthorised activity on its platform . The incident allowed an attacker to map publicly available SoundCloud profile data to email addresses for approximately 20% of its users. The impacted data included 30M unique email addresses, names, usernames, avatars, follower and following counts and, in some cases, the user’s country. The attackers later attempted to extort SoundCloud before publicly releasing the data the following month.
Frequently asked questions
What is the SoundCloud data breach?
In December 2025, SoundCloud announced it had discovered unauthorised activity on its platform . The incident allowed an attacker to map publicly available SoundCloud profile data to email addresses for approximately 20% of its users. The impacted data...
When did the data breach happen?
This data breach occurred around December 2025.
How many accounts were affected?
Around 29,815,722 accounts were affected.
What information was exposed?
Exposed data included Avatars, Email addresses, Geographic locations, Names, Profile statistics and Usernames.
What should I do if I was affected?
Expect more phishing and spam at this address. Treat messages that reference this company with extra caution. Be wary of targeted scams that use your personal details to sound convincing.
Related breaches