Crunchyroll probes 100GB user data leak
Crunchyroll is investigating a breach that may have exposed roughly 6.8 million users and appears to include a 100GB data dump — the streaming platform has enlisted cybersecurity experts to assess the scope. The incident is the latest example of consumer platforms facing large-scale credential and data exposures. (reuters.com)
Threat actors told BleepingComputer the intrusion began on March 12 at about 9:00 p.m. ET after they gained access to an Okta single‑sign‑on account tied to a support agent. (bleepingcomputer.com (bleepingcomputer.com)) (bleepingcomputer.com) The same source says the compromised account belonged to an employee of Telus International (a BPO partner) and that screenshots provided to reporters showed access to multiple internal tools including Zendesk, Mixpanel, Google Workspace Mail, Jira Service Management, Wizer, MaestroQA and Slack. (bleepingcomputer.com (bleepingcomputer.com)) (bleepingcomputer.com) Attackers told investigators they extracted roughly 8 million support‑ticket records from Crunchyroll’s Zendesk instance, and those tickets contained names, login names, email addresses, IP addresses, geographic data and the full text of users’ support requests. (bleepingcomputer.com (bleepingcomputer.com)) (bleepingcomputer.com) BleepingComputer reported credit‑card details appeared in some tickets only when customers had pasted them into support messages — most such entries were limited to last four digits or expiration dates, and the attacker said only a small number of full card numbers were present. (bleepingcomputer.com (bleepingcomputer.com)) (bleepingcomputer.com) The threat actor claims it sent a $5 million extortion demand and that access was revoked by the victim environment about 24 hours after initial compromise, during which time the actor says it harvested data spanning back into mid‑2025. (bleepingcomputer.com (bleepingcomputer.com)) (bleepingcomputer.com) The incident has been tied in reporting to the larger Telus Digital security incident disclosed in March, with Telus confirming it is investigating unauthorized access to a limited number of systems and engaging cyber forensics and law enforcement. (bleepingcomputer.com (bleepingcomputer.com)) (bleepingcomputer.com) Crunchyroll and multiple outlets note the company has told journalists the claim may be overstated and that, at this stage, investigators are focused on whether the data is primarily limited to customer‑service ticket records. (pcmag.com (pcmag.com)) (pcmag.com)
