Crunchyroll, a popular anime streaming platform, is currently investigating an alleged breach that may have led to the leak of personal data of 6.8 million of its users.
The stolen user data from Crunchyroll appears to have been obtained by exploiting a vulnerability in a third-party company, Telus International, to which Crunchyroll provides its customer support.
“We are aware of the recent claims and are currently working closely with cyber security experts to investigate the matter,” Crunchyroll said in a statement.
Cybersecurity store The Sleep Computer says the hacker reached out to them to provide information and evidence of the stolen data.
Apple responds to DarkSword spyware, a hacking tool that targets iPhones
The hacker says they infected a customer support agent’s computer with malware and gained access to the employee’s Okta login credentials. From there, the hacker gained access to multiple accounts Crunchyroll has with other third-party services such as Zendesk, Google Workspace Mail, Slack, Mixpanel, Jiro Service Management, Wizer, and MaestroQA.
Mashable Light Speed
According to the hacker, the breach occurred on March 12, and their access was revoked 24 hours later. However, during that time, the hacker downloaded 8 million support ticket records from Zendesk’s Crunchyroll account. There were 6.8 million unique email addresses included in these tickets.
The hacker showed Bleeping Computer screenshots detailing the types of personal information allegedly stolen from Crunchyroll users, including full names, usernames, email addresses, IP addresses, general geographic location, and what was entered in support tickets. Credit card information does not appear to have been stolen; however, if the user provided the last four digits of their card number or the expiration date of their card in a support ticket, that information would be among the stolen data.
The hacker says he sent a $5 million ransom to Crunchyroll for the information, but the hacker says they haven’t heard back from the company.
This Tweet is currently unavailable. Either it is loading or it has already been downloaded.
International Cyber Digest account on X too shared that they found screenshot evidence of the hacker’s breach. The account also reported that 100GB of data was stolen.
According to the cybersecurity company SOcradara post was published on a hacker forum on the same day of the alleged hack titled “Crunchyroll Email and IP.” The post includes hidden sample data that is suspected to be from data stolen in the breach.
Interestingly, Telus had it too confirmed via Bleeping Computer on March 12 that the company was breached by the well-known hacker group ShinyHunters. However, it is believed that the breach related to Crunchyroll at Telus is unrelated in a hacker group.
Crunchyroll has yet to issue a statement or acknowledge the potential breach to its users.
Articles
Cybersecurity coverage
