SoundCloud users should rotate passwords immediately, especially if reused elsewhere.
The VPN access disruption suggests the breach may be deeper than initially disclosed. If you used the same password on banking, email, or other sensitive accounts, change those first.
For anyone managing 50+ accounts: automated password rotation tools exist now that can handle the tedious clicking through each site. Saves hours vs manual changes.
The Password App does this on macOS - full disclosure, I'm affiliated, but the general advice stands: don't wait for breach notifications to rotate credentials.
Curious... Why does VPN access disruption suggest the breach may be deeper than initially disclosed?
My understanding is that this prevents anonymous access to servers which would help during investigation if any further unauthorized access showed up. But it doesn't confirm that unauthorized access continued. Just curious how you are thinking about this though.
Your question didn't include the words automated or tools, and your incomplete "where, how, which" was ambiguous enough to apply to the idea of password rotation generally rather than the tool's interactions with them.
What is the relation between blocking VPN and data breach? why would this be a reasonable response? Is it to prevent mass login attempts using VPNs to mark origin or what?
SoundCloud users should rotate passwords immediately, especially if reused elsewhere.
The VPN access disruption suggests the breach may be deeper than initially disclosed. If you used the same password on banking, email, or other sensitive accounts, change those first.
For anyone managing 50+ accounts: automated password rotation tools exist now that can handle the tedious clicking through each site. Saves hours vs manual changes.
The Password App does this on macOS - full disclosure, I'm affiliated, but the general advice stands: don't wait for breach notifications to rotate credentials.
Curious... Why does VPN access disruption suggest the breach may be deeper than initially disclosed?
My understanding is that this prevents anonymous access to servers which would help during investigation if any further unauthorized access showed up. But it doesn't confirm that unauthorized access continued. Just curious how you are thinking about this though.
Please say more about the Password Rotation. Where, how, which?
You are replying to submarine marketing.
Go change your password. And do it for every website you reuse that password.
The keyword was, “automated password rotation tools.”
Your question didn't include the words automated or tools, and your incomplete "where, how, which" was ambiguous enough to apply to the idea of password rotation generally rather than the tool's interactions with them.
What is ‘The Password App’? As in the built in ‘Passwords’ app?
The HN post from earlier when the VPN ban speculation started:
https://news.ycombinator.com/item?id=46269891
What is the relation between blocking VPN and data breach? why would this be a reasonable response? Is it to prevent mass login attempts using VPNs to mark origin or what?
I'd imagine knee-jerk reaction when they noticed hacking and just started to blanket ban IP ranges to access their entire infrastructure
My SoundCloud account seems to predate my use of 1password and I didn't seem to migrate it.
Uh oh.
I hope they have a nice GDPR compliant deletion policy and my account is long gone.
Just checked and my account was created (and last used) in 2013...
So at least they get some old accounts to become active again :D