CP
cyberpings
BreachesHIGH

Crunchyroll Data Breach - Customer Service Data Stolen

TRThe Record
CrunchyrollTelusdata breachcustomer servicecybersecurity
🎯

Basically, hackers stole customer service data from Crunchyroll.

Quick Summary

Crunchyroll has confirmed a data breach involving customer service ticket data. Hackers accessed information from 6.8 million users. This raises serious privacy concerns for users. Stay vigilant and protect your information.

What Happened

On March 24, 2026, Crunchyroll, the popular anime streaming platform, confirmed that a significant data breach had occurred. The breach involved customer service ticket data that was leaked online. This incident stemmed from a third-party vendor, Telus, which handles customer support for Crunchyroll. The company is currently investigating the breach with the help of cybersecurity experts.

The breach was first reported by a hacker who claimed to have accessed the account of a Telus employee. They stated that they infected the employee's device with malware, allowing them to steal a staggering 100 gigabytes of data from Crunchyroll's ticketing system. The hacker asserted they had access to various company platforms, including Slack and Google Workspace.

Who's Affected

The breach has affected approximately 6.8 million users, with around 8 million support tickets downloaded by the hacker. This data includes sensitive information such as email addresses, IP addresses, and even partial credit card information. Crunchyroll has not yet confirmed the full extent of the data exposed, but the implications for user privacy are significant.

As a subsidiary of Sony, Crunchyroll has a vast user base, boasting 17 million paying subscribers and 120 million registered users across multiple countries. The potential exposure of personal information raises serious concerns about user trust and security in the platform.

What Data Was Exposed

The leaked data primarily consists of customer service ticket information. This includes:

  • Email addresses
  • IP addresses
  • Partial credit card information

While the company has stated there is no evidence of ongoing access to their systems, the fact that sensitive information was compromised is alarming. The hacker claimed to have demanded a $5 million ransom to prevent the information from being leaked further, highlighting the financial motivations behind such breaches.

What You Should Do

If you are a Crunchyroll user, it is crucial to take proactive measures to protect your personal information. Here are some steps you can take:

  • Change your password immediately, especially if you use the same password across multiple sites.
  • Monitor your bank statements for any suspicious activity, particularly if you have provided credit card information.
  • Enable two-factor authentication on your accounts to add an extra layer of security.

Stay informed about updates from Crunchyroll regarding the breach and follow their recommendations. Cybersecurity is a shared responsibility, and being vigilant can help mitigate the risks associated with such incidents.

🔒 Pro insight: This breach underscores the risks associated with third-party vendors; organizations must enforce strict security protocols to mitigate such vulnerabilities.

Original article from

The Record

Read Full Article

Share

Related Pings

HIGHBreaches

Data Breach - HackerOne Discloses Employee Data Theft

HackerOne has revealed a data breach affecting hundreds of employees due to a hack on Navia. Sensitive personal information was stolen, raising security concerns. Affected individuals are urged to monitor their accounts and utilize identity protection services.

BleepingComputer·
HIGHBreaches

Dutch Finance Ministry - Investigates Cyber Breach Impact

A cyber breach has hit the Dutch Ministry of Finance, affecting internal systems. While some employee operations are disrupted, key services remain unaffected. Investigators are working to determine the extent of the breach and any exposed data.

The Record·
HIGHBreaches

Infinite Campus Data Breach - ShinyHunters Claims Theft

Infinite Campus is warning of a data breach after ShinyHunters claimed to have stolen sensitive information. This incident affects numerous K-12 districts across the U.S. and raises concerns about data security in education. The company is taking steps to secure its systems and inform affected parties.

BleepingComputer·
HIGHBreaches

AstraZeneca Hack - Lapsus$ Claims Data Breach

What Happened The notorious Lapsus$ extortion group has made headlines by claiming they hacked into AstraZeneca, a major player in the biopharmaceutical industry. They boast of stealing approximately 3GB of sensitive data from the company. This data includes a variety of internal resources, such as code repositories, credentials, and employee information. The hackers shared their claims on an underground

SecurityWeek·
HIGHBreaches

Data Breach - HackerOne Criticizes Supplier's Delay

HackerOne is upset with Navia for delaying a breach notice affecting nearly 300 employees. Sensitive data was exposed, raising serious concerns about identity theft. The incident highlights the risks of relying on third-party suppliers.

The Register Security·
HIGHBreaches

Aqua Security Breach - 44 Repositories Defaced by Attackers

Aqua Security faced a major breach as 44 repositories were defaced. Developers using their tools are at risk due to exposed internal code and credentials. Immediate action is needed to secure systems affected by this supply chain attack.

Security Affairs·