Crunchyroll denies data breach after viral social media post exposes premium logins

In response to growing concerns over the exposure of Premium account login credentials following a viral post on social media, a spokesperson for the popular anime streaming service Crunchyroll confirmed that there was no evidence of a data breach within the company’s systems after approximately 50 login credentials were shared. The post, made by the now-deleted @therealwilsn account on X (formerly Twitter), garnered significant attention, amassing over a million impressions in under a day.

In an email to CBR, Crunchyroll addressed rumors of a potential breach, stating that it had secured the affected accounts and investigated the matter. The company emphasized that its internal systems were not compromised, explaining, "We are aware that login credentials for several streaming services, including Crunchyroll, were posted on social media and have resolved the issue. We have secured the affected accounts, investigated the situation, and determined that there is no evidence that Crunchyroll’s systems have been compromised."

The company encouraged its subscribers to implement best practices for online security, including diversifying passwords and changing them regularly. It also provided a link to its Customer Service Help Page for users seeking additional assistance with account security.

The viral post was not the first time @therealwilsn had shared login credentials for various streaming services, including Crunchyroll. Many exposed logins had already been circulating on sites like Scribd, which hackers commonly use to leak stolen credentials. The data breach tracking service Have I Been Pwned confirmed that some of the credentials had appeared in previous leaks, further validating concerns about the exposure of personal information.

Despite this, a deeper investigation revealed that one affected account contained the word "crunchyroll" in its password. It was not listed in any known leaks on Have I Been Pwned, indicating that the login may not have been exposed in earlier breaches. However, the site only tracks a subset of all online data leaks, and unique login details could suggest that credentials may still have been shared or compromised through other methods.