Crunchyroll, the prominent anime streaming service, has confirmed a significant data breach involving customer service ticket information. This breach occurred due to an incident involving a third-party vendor after a hacker claimed access to user data and internal systems.
Owned by Sony, which acquired it from AT&T in 2020 for $1.18 billion, Crunchyroll operates as a collaboration between Sony Pictures Entertainment in the U.S. and Japan’s Aniplex. With a catalogue exceeding 2,000 titles in over 12 languages, the platform boasts 15 million subscribers globally.
Recently, reports emerged of a hacker asserting they had obtained data from millions of Crunchyroll users. In response, the company stated it is actively investigating these claims and collaborating with cybersecurity experts. So far, Crunchyroll has not identified any signs of ongoing unauthorized access.
According to information shared with TechCrunch by the cybersecurity-focused account, International Cyber Digest, the attacker likely accessed Crunchyroll’s Zendesk support system. Screenshots provided suggest that internal Slack messages and support data were compromised, allegedly by breaching an employee’s account at Telus Digital, the outsourcing firm responsible for Crunchyroll’s customer support. The hacker reportedly managed to access customer support ticket data until early 2025, after which the access was terminated.
Notably, the ongoing investigation suggests this hack is distinct from another recent breach affecting Telus Digital, a situation that the firm has confirmed. However, Crunchyroll has not clarified whether its third-party vendor is indeed Telus Digital. Requests for comments from Telus Digital have gone unanswered.
The hacker claimed to BleepingComputer that they downloaded approximately eight million support ticket records, which include around 6.8 million unique email addresses. These assertions are yet to be independently verified, but the hacker indicated they gained access on March 12 after compromising an Okta single sign-on account belonging to a Crunchyroll support agent.
As the investigation unfolds, Crunchyroll is focused on ensuring the security of its user data and is maintaining communication with cybersecurity professionals to address and mitigate any risks emerging from this breach.
Fanpage:Â TechArena.au
Watch more about AI – Artificial Intelligence
