Crunchyroll confirms data breach following hacker’s unauthorised access claims

Anime streaming platform Crunchyroll has confirmed a data breach involving customer support ticket information following an incident linked to a third-party vendor. The confirmation comes after a hacker publicly claimed to have accessed user data and internal systems.

The platform, which Sony acquired from AT&T in 2020 for $1.18 billion, operates as a joint venture between Sony Pictures Entertainment and Aniplex. Crunchyroll hosts more than 2,000 titles in over 12 languages and serves approximately 15 million subscribers globally, according to its website.

Earlier this week, reports surfaced online from a threat actor claiming to have accessed data belonging to millions of Crunchyroll users. The hacker alleged that they had obtained sensitive information and access to internal systems.

In response, Crunchyroll said it is actively investigating the situation.
"Our investigation is ongoing, and we continue to work with leading cybersecurity experts," the company said in a statement, adding that it has not found evidence of any ongoing unauthorised access at this time.

Additional details shared by the cybersecurity-focused account International Cyber Digest suggest that the attacker may have accessed Crunchyroll's support infrastructure via Zendesk. Screenshots reviewed appear to show internal Slack communications along with support-related data that may have been exfiltrated.

The materials indicate that the breach could have originated from a compromised employee account at Telus Digital, a third-party company responsible for Crunchyroll's customer support operations. According to these claims, the attacker maintained access to customer support ticket data until early 2025, when their access was reportedly revoked.

The cybersecurity account also noted that the incident appears to be separate from another recent breach involving Telus Digital, which the company confirmed last week.

Crunchyroll has not confirmed whether the third-party vendor involved in the breach is directly linked to Telus Digital, nor has it responded to follow-up questions on that point.

The hacker reportedly told BleepingComputer that they downloaded around eight million support ticket records from Crunchyroll's systems, including approximately 6.8 million unique email addresses. However, these claims have not been independently verified.

According to the same report, the attacker said they gained access on March 12 by compromising an Okta single sign-on account belonging to a Crunchyroll support agent.

Crunchyroll continues to investigate the incident as more details emerge about the scope and method of the breach.