Hackers stole information of 29.8M accounts (~20% of users). SoundCloud is downplaying the data beyond email address as "publicly available", but the data wasn't scraped. "Profile statistics" aren't public either. Their main response[0], seems to focus on passwords and payment details being the only risky data. They even imply email addresses are public.

> no sensitive data was taken in the incident.The data involved consisted only of email addresses and information already visible on public SoundCloud profiles (not financial or password data)

[0]: https://soundcloud.com/playbook-articles/protecting-our-user...