Anime streaming platform Crunchyroll has acknowledged a potential security incident after a hacker claimed to have gained unauthorized access to its systems and exfiltrated a large volume of data. The claim, which surfaced online, suggests that nearly 100GB of information may have been accessed, including user-related details such as email addresses and account data.
According to reports, the breach may be linked to a compromise involving a third-party service provider, which allowed the attacker to infiltrate Crunchyroll’s environment. The threat actor stated that access was detected and revoked by the company within approximately 24 hours of the intrusion.
Crunchyroll responded by confirming that it is actively investigating the situation. However, the company has not yet verified the full extent of the breach or confirmed whether its core systems were directly compromised. This leaves uncertainty around the scale and impact of the incident, particularly regarding sensitive user data.
The alleged breach highlights ongoing risks associated with third-party vendors and supply chain vulnerabilities, which have increasingly become a common entry point for cyberattacks. In this case, initial indications suggest the attack may not have originated from Crunchyroll’s internal infrastructure but rather through an external partner.
While no official confirmation has been provided on financial or highly sensitive personal data exposure, the reported scale of the breach has raised concerns among users and cybersecurity experts. Crunchyroll has yet to release detailed findings from its investigation but is expected to provide further updates as more information becomes available.
