SoundCloud has confirmed it experienced a cyberattack that affected about 20 percent of its users, roughly 26 million people based on estimates. The company detected unauthorized activity in an ancillary service dashboard and quickly initiated its incident response protocols. After containing the initial breach, SoundCloud faced multiple denial of service (DDoS) attacks that temporarily disrupted web access to the platform. The company engaged third-party cybersecurity experts to help investigate the situation. The attackers accessed limited data, specifically email addresses and information from public SoundCloud profiles. SoundCloud clarified that no sensitive data, such as financial or password information, was compromised. The incident prompted the company to enhance its monitoring, review access controls, and conduct a comprehensive audit of its systems. It appears the breach might have stemmed from configuration issues related to the service dashboard. Following the incident, some users experienced connectivity problems, leading to speculation that SoundCloud was blocking VPNs. The company clarified that this assumption was incorrect and attributed the issues to recent configuration changes. SoundCloud is working on resolving these VPN-related access problems while continuing to address the aftermath of the cyberattack.