January 27, 2026

Stage names vs inbox names

Article URL →HN comments →

SoundCloud Data Breach Now on HaveIBeenPwned

30M emails spilled: fans shrug, artists sweat, ‘Kevin’ jokes

TLDR: SoundCloud’s breach matched about 30 million emails to public profiles and is now listed on Have I Been Pwned. Comments split between “it’s just public info” and fears of scams and identity exposure, with jokes about rappers’ real names fueling the drama

SoundCloud’s big oops is now on Have I Been Pwned, the site where you check if your email was caught in a breach. In December 2025, attackers matched about 30 million emails to public SoundCloud profiles and later tried to extort the company, per PCMag. No passwords, but names, usernames, avatars, follower counts, and sometimes country got bundled with emails.

Cue chaos in the comments. One longtime paying artist raged that SoundCloud is “the worst company,” accusing them of being hostile to former subscribers. Another camp shrugs: it’s just publicly visible stuff—“so they’ve scraped public data, why care?”

But the anxious crowd says emails plus identities equals easier scams, with crypto theft fears trending. Meanwhile, jokesters turned it into a meme: rap gods unmasked as Kevin from suburbia.

Community verdict: split. The chill side calls it a glorified phonebook; the alarmed side says linking real names and emails to stage personas invites trolling, spam, and phishing (fake messages that trick you). Either way, 29.8 million accounts is a lot, and the gossip is louder than the bass. Pro tip: check your email on HIBP, enable two-factor codes, and watch for sketchy messages pretending to be SoundCloud or your favorite bank

Key Points

  • SoundCloud detected unauthorised activity in December 2025 enabling mapping of public profile data to email addresses.
  • Approximately 20% of users were affected, with around 30M unique email addresses and 29.8M accounts impacted.
  • Compromised data includes names, usernames, avatars, follower/following counts, and sometimes country, plus email addresses.
  • Attackers attempted extortion and later publicly released the data the following month.
  • The breach was added to Have I Been Pwned on January 27, 2026, with guidance to change passwords and enable 2FA.

Hottest takes

"SoundCloud is the worst company, so hostile to former paying users!" — throwaway431234
"So they’ve scraped public data. Why care?" — djee
"A lot of 'rap gods' are about to be exposed as 'Kevin' from suburbia" — TechSquidTV

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.