Crunchyroll, the leading subscription platform for anime streaming, is currently investigating word that it suffered a major cyberattack, one that reportedly has put millions of users’ personal information at risk. The platform, which is home to several major anime series, like One Piece and Demon Slayer, as well as smaller, more niche titles, is available in dozens of countries and territories, making the issue particularly troublesome.
The claims follow a social media post from International Cyber Digest, a cybersecurity newsletter, that claims to have received word from the alleged hacker about the breach. There, screenshots that are reportedly from Crunchyroll’s IT systems were shared, giving further credence to the possibility of a cyberattack.
Apparently, the breach dates back to March 12, as first reported by PCMag, with a hacker sharing that they’ve been able to steal user and IP data.
Anne Shirley Is The Closest We’re Ever Getting To Stardew Valley Anime
This Anne of Green Gables adaptation might be the cutest anime of the year.
“We are aware of recent claims and are currently working closely with leading cybersecurity experts to investigate the matter,” Crunchyroll said at the time in a statement to PCMag.
The Breach Revolves Around Customer Service Ticket Data
A few hours later, the company was able to further determine the nature of the attack, pinpointing its nature to customer service data via support tickets.
“At this time, we believe that the information is primarily limited to customer service ticket data following an incident with a third-party vendor,” PCMag further reported. “We have not identified evidence of ongoing access to systems in relation to these claims. We are continuing to monitor the situation closely.”
Separately, BleepingComputer, an “information security and technology news publication” that also focuses on cybersecurity, has reported that the attack stems from gaining access to a support agent’s SSO login.
Attackers claim that over 8 million support tickets were intercepted from the Zendesk program. Of that number, 6.8 million are reportedly unique email addresses.
Usernames, login names, email address, IP address, general geographic location and the contents of the support tickets are among the information included in these tickets. BleepingComputer further states that credit card information is indeed part of these tickets, though often limited to four-digit numbers or expiration dates and only when included for use within the ticket itself.
The attack on Crunchyroll is not unprecedented, as Business Process Outsourcers, per BleepingComputer, are often prime targets for cyberattacks as they often have tons of customer data, including billing information. More so, compromising a single employee can often lead to gaining large amounts of user data, making them a strong target.
For now, it’s probably best that any user of Crunchyroll resets their password and checks for any suspicious attempts. Until there’s an all clear, it’s probably best to exercise some caution.
There Is No Excuse For Not Casting A Trans Actor To Play Lev In The Last Of Us
Cisgender woman Kyriana Kratter has been cast as trans character Lev in HBO’s The Last Of Us.
