The Latest
ShinyHunters Leak Alleged Data of Millions From SoundCloud, Crunchbase and Betterment

ShinyHunters Leak Alleged Data of Millions From SoundCloud, Crunchbase and Betterment

ShinyHunters claim more data breaches and leaks are coming soon!
byWaqas
January 23, 2026
3 minute read
Total
0
Shares
0
0
0

ShinyHunters claim to have leaked millions of records from SoundCloud and Crunchbase after failed extortion attempts, with possible links to an Okta vishing campaign.

The notorious ShinyHunters hackers are back in the news. The group has set up a dark web .onion leak site and has published alleged partial databases linked to three companies. These include SoundCloud, a global audio streaming platform, Crunchbase, which provides data on private and public companies, and Betterment, an American financial advisory company.

The leak spree began yesterday, on 22 January 2026, when messages appeared on the group’s Telegram chat account containing links to .onion domains. These links offered the public free access to the alleged data dumps. According to the group, the leaks were carried out after their extortion attempts against the affected companies were denied.

“We are after corporate regime change in all parts of the world. Pay or leak. We will aggressively and viciously come after you once we have your data. By the time you are listed here, it will be too late. Next time. You will learn from it. It will ALWAYS be your best decision, choice, and option to engage with us and come to an agreement with us. Proceed wisely,” the group’s message on the leak site says.

It is worth noting that in December 2025, SoundCloud acknowledged a data breach that impacted around 20 percent of its user base. With SoundCloud reporting between 175 and 180 million users, this places the total at roughly 35 to 36 million accounts. That figure closely matches the number of impacted users claimed by ShinyHunters.

In total, the alleged data includes more than 20 million records linked to Betterment containing Personally Identifiable Information, over 2 million alleged records from Crunchbase, and more than 30 million records associated with SoundCloud that are now circulating online.

ShinyHunters Leak Alleged Data of Millions From SoundCloud, Crunchbase and Betterment
The new dark web leak site from ShinyHunters (Image credit: Hackread.com)

Okta Connection?

On 22 January 2026, Okta, a cloud-based Identity and Access Management service, issued a security advisory warning of an Okta SSO vishing campaign that has already resulted in multiple victims, though the exact number remains unknown.

According to a LinkedIn post from Alon Gal of Hudson Rock, a cybersecurity firm based in Israel, ShinyHunters contacted him to confirm that the group is also behind the Okta SSO vishing campaign and claimed that additional leaks will follow.

This raises the question of whether all three alleged data breaches are linked to Okta. That remains unclear. To address this, Hackread.com has contacted ShinyHunters directly seeking clarification.

Meanwhile, the alleged data linked to all three companies remains available for download. Hackread.com has observed evidence that the download links are now being circulated across major cybercrime forums, including French and Russian language communities.

Hackread.com has also reached out to SoundCloud, Crunchbase, and Betterment for comment. Until the companies involved confirm the authenticity of the data, the alleged breaches should be treated strictly as claims.

SoundCloud Issues Statement on Incident

A SoundCloud spokesperson reached out to Hackread.com and shared an update on the incident, stating that the company detected unauthorized activity in an ancillary service dashboard in mid December and took immediate action to contain the issue, engage third-party cybersecurity experts, and conduct a thorough investigation.

According to the company’s blog post, its investigation confirmed that no sensitive data like passwords or financial information was accessed and that the impacted data was limited to email addresses and information already visible on public profiles, affecting about one-fifth of its user base.

SoundCloud also noted that a group claiming responsibility has made public assertions and conducted email flooding tactics, but the company says there is no evidence supporting those broader claims, and it is working with law enforcement while strengthening defenses and reinforcing monitoring, access controls, and other security measures. You can read SoundCloud’s full statement here, attributed to a SoundCloud spokesperson

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cybersecurity and tech world. I am also into gaming, reading and investigative journalism.
View Posts
Total
0
Shares
Share 0
Tweet 0
Pin it 0
Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

Halo Security Achieves SOC 2 Type II Compliance, Demonstrating Sustained Security Excellence Over Time

byCyberNewswire
January 23, 2026
3 minute read
Halo Security Achieves SOC 2 Type II Compliance, Demonstrating Sustained Security Excellence Over Time
Total
0
Shares
0
0
0

Halo Security, a leading provider of external attack surface management and penetration testing services, today announced it has successfully achieved SOC 2 Type II compliance following an extensive multi-month audit by Insight Assurance. This certification validates that Halo Security’s security controls are not only properly designed but also operate effectively and consistently over time.

“SOC 2 Type II compliance demonstrates our unwavering commitment to protecting customer data through proven, operational security practices,” said Lisa Dowling, CEO of Halo Security.

“Our customers trust us to help them discover and remediate vulnerabilities across their attack surface, and this certification shows we apply that same rigorous security discipline to our own operations every single day.”

While SOC 2 Type I certification validates that security controls are appropriately designed at a specific point in time, Type II compliance requires continuous monitoring and verification over an extended audit period. Insight Assurance evaluated Halo Security’s actual security performance throughout the audit period, examining not just policies but their real-world execution and effectiveness.

The extended audit period assessed:

  • Incident Response: The effectiveness of security procedures when issues arise
  • Operational Effectiveness: How security controls performed under real-world conditions
  • Consistency: Whether practices were maintained uniformly throughout the evaluation period
  • Continuous Monitoring: How the company detected and responded to security events
  • Change Management: How security was maintained during system updates and changes.

Halo Security partnered with Genius GRC for expert guidance throughout the compliance journey and leveraged the Vanta platform to maintain continuous compliance readiness. The company also developed a custom integration between its platform and Vanta to streamline the audit process.

“We extend our sincere appreciation to Insight Assurance for their thorough evaluation and validation of our compliance efforts,” added Dowling. “Their expertise and impartial assessment have been instrumental in verifying our adherence to the SOC 2 framework.”

“Achieving SOC 2 Type II is not just about documenting controls. It is about proving that security processes are consistently executed over time,” said Eric Shoemaker, Advisory CISO and Founder of Genius GRC. “Halo Security demonstrated strong operational maturity throughout the audit period, with security practices that are embedded into day-to-day operations rather than treated as a compliance exercise.”

This achievement reinforces Halo Security’s position as a trusted partner for organizations requiring comprehensive external security assessments. The company’s vulnerability scanning and discovery solutions, combined with manual penetration testing services, help thousands of organizations worldwide maintain visibility into their attack surface security posture.

About Halo Security

Halo Security is changing the way organizations manage their external attack surface. Instead of leaving organizations to figure it out alone, Halo Security pairs unprecedented visibility into internet-facing assets with expert remediation guidance. The company’s EASM platform is the next generation of vulnerability scanning.

It automates asset discovery, includes auto-configured continuous vulnerability scanning, and delivers penetration-testing insights, all in one solution to deliver fast, measurable, and affordable risk reduction. Since 2013, Halo Security has helped over 2,000 clients discover and remediate vulnerabilities in their external-facing assets before attackers can exploit them.

As a PCI DSS Approved Scanning Vendor (ASV) and SOC 2 Type II certified organization, Halo Security maintains the highest standards for both its services and operations. Halo Security is headquartered in Miami with a 100% US-based team.

For more information about Halo Security’s SOC 2 Type II compliance or to request the company’s SOC 2 report, users can contact a Halo Security representative or visit www.halosecurity.com.

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Leave a Reply

Your email address will not be published. Required fields are marked *