Crunchyroll investigating massive data breach that impacted 6.8 million users

American anime streaming platform Crunchyroll says it is working with leading cyber security experts to investigate a significant data security incident that reportedly impacted over 6.8 million users.

 

The popular anime streaming platform, which is owned by Sony Pictures and boasts more than 15 million subscribers worldwide, said the data security incident involved a third-party vendor and the information stolen by hackers was limited to customer service ticket data.

 

Based on media reports, the data security incident possibly impacted Telus International, a Canadian business process outsourcing and technology company that provides customer support services to Crunchyroll. 

 

The company’s statement came after a hacker reached out to BleepingComputer to claim responsibility for breaching the anime streaming company and exfiltrating more than 100 gigabytes of customer data. 

 

The hacker said they hijacked the Okta single-sign-on account of a customer support agent at Telus International on March 12th after planting malware into the agent’s computer. Using the stolen credentials, the hacker accessed multiple Crunchyroll applications and downloaded 8 million customer support ticket records from the company’s Zendesk application. 

 

Each of these support tickets contained the information of Crunchyroll’s customers, including their names, login names, email addresses, IP addresses, geographic location and details of support tickets. The hacker claimed that the support tickets contained at least 6.8 million unique email addresses. Some of the tickets also featured limited payment card data such as the last four digits or expiration dates.

 

The hacker said they enjoyed complete access to Crunchyroll’s applications for about 24 hours, during which time they downloaded data up to mid-2025. The hacker then contacted the anime streaming company and demanded a $5 million ransom payment in exchange for not leaking the data.

 

Crunchyroll released a detailed statement concerning the data security incident on Monday, stating that it is investigating the incident with help from leading cyber security experts.

 

"Our investigation is ongoing, and we continue to work with leading cybersecurity experts. At this time, we believe that the information is primarily limited to customer service ticket data following an incident with a third-party vendor," Crunchyroll said.

 

"We have not identified evidence of ongoing access to systems in relation to these claims. We are continuing to monitor the situation closely," the company added.