Hackers have targeted SoundCloud and accessed some user data stored on its systems, the music streaming giant said on Monday.
Reports that SoundCloud may have banned VPN access started circulating in recent days after some users complained they were no longer able to access the music streaming service through a VPN.
However, the company revealed on Monday that it has been responding to a cyberattack, and VPN issues were caused by the actions taken to secure its systems.
According to SoundCloud, it initiated incident response protocols after discovering unauthorized activity in an “ancillary service dashboard”.
An investigation conducted with the aid of third-party cybersecurity experts showed that the attacker gained access to “certain limited data”, including email addresses and information visible on public SoundCloud profiles.
The company said sensitive data, such as passwords or financial information, was not exposed.
SoundCloud said roughly 20% of its users are affected. According to some estimates, SoundCloud has well over 100 million users, translating to tens of millions of users who are likely impacted.
While the compromised information may not be particularly sensitive, the company did urge users to keep an eye out for phishing attempts.
The company is confident that the attackers have been kicked out of its systems. However, following containment measures, distributed denial-of-service (DDoS) attacks were launched against SoundCloud, and two of the attacks managed to temporarily disrupt the platform’s web version.
As for the VPN issues experienced by some users, the company said they were caused by configuration changes implemented in response to the incident. SoundCloud said on Monday that it had been working on addressing the VPN access problems.
Related: 700Credit Data Breach Impacts 5.8 Million Individuals
Related: Fieldtex Data Breach Impacts 238,000
