What happened
SoundCloud disclosed a cybersecurity incident involving unauthorized access to an internal service dashboard alongside denial of service attacks. The company said attackers accessed limited user data and launched DoS activity that caused temporary service disruptions. During mitigation, some VPN traffic was restricted, which affected access for certain users.
Who is affected
Around 20 percent of SoundCloud users had limited data exposed, including email addresses and public profile information. SoundCloud stated that passwords and financial data were not compromised. Users who rely on VPNs, especially in restricted regions, experienced connectivity issues during and after the DoS response.
Why CISOs should care
This incident highlights how attackers can combine data access with service disruption to increase impact. Even partial data exposure, such as email addresses, can support phishing and follow-on attacks. It also shows how defensive actions, like traffic filtering and VPN restrictions, can disrupt legitimate users if not carefully managed.
3 practical actions
-
Review incident response plans to ensure teams can handle data exposure and DoS attacks at the same time without slowing decision making.
-
Lock down access to internal dashboards and support tools using least privilege, strong authentication, and continuous monitoring.
-
Prepare clear user communication templates so access changes, including VPN restrictions, can be explained quickly during an active incident.