ShellCodeX
Tools β€’ Events β€’ News β€’ Insights
ShellCodeX Breach Report

SoundCloud Data Breach

soundcloud.com
Major exposure
Verified breach
Accounts exposed 29,815,722
Breach date 15 Dec 2025
Added to tracker 27 Jan 2026
Data classes 6

What happened

In December 2025, SoundCloud announced it had discovered unauthorised activity on its platform. The incident allowed an attacker to map publicly available SoundCloud profile data to email addresses for approximately 20% of its users. The impacted data included 30M unique email addresses, names, usernames, avatars, follower and following counts and, in some cases, the user’s country. The attackers later attempted to extort SoundCloud before publicly releasing the data the following month.

Exposed data

Avatars Email addresses Geographic locations Names Profile statistics Usernames

Recommended actions

  • Watch for targeted phishing emails referencing SoundCloud β€” attackers weaponise breach data quickly.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP