6.8 Million Crunchyroll Users Affected by Data Breach — What Has Been Reported So Far

By

6.8 Million Crunchyroll Users Affected by Data Breach — What Has Been Reported So Far

You are currently viewing 6.8 Million Crunchyroll Users Affected by Data Breach — What Has Been Reported So Far
A cyberattack on a popular streaming platform like Crunchyroll may expose user data and increase the risk of phishing and follow-up scams.

A hacker claims to have accessed data from 6.8 million Crunchyroll users, a popular anime streaming platform used worldwide. Here’s what happened — and what this breach reveals.

What Happened

According to TechRadar, Crunchyroll confirmed a cyberattack caused by unauthorized access through a third-party vendor.

The incident happened in March 2026, when a hacker infected a customer support agent’s computer with malware and gained access to their work account. This account connected directly to internal systems, including customer support tools.

The attacker reportedly had access for about 24 hours and used that time to download a large amount of internal data.

What Data Was Exposed

The attacker accessed around 8 million support tickets, affecting data linked to approximately 6.8 million users.

The stolen information may include:

  • email addresses
  • usernames and login details
  • IP addresses and general location data
  • customer support messages

The attacker did not access payment information directly. However, any payment details shared inside support tickets may have been exposed.

What Crunchyroll Says

Crunchyroll confirmed it knows about the incident and is currently investigating with cybersecurity experts.

The company stated that:

  • the breach likely affected only customer support data
  • there is no evidence of ongoing unauthorized access
  • the company continues to monitor its systems closely

The attacker reportedly demanded $5 million to delete the stolen data, but the company did not respond to the demand.

Futureproof monitors your digital data and alerts you early — before small risks grow into bigger problems. Get started today to stay protected all year long.

Person using a laptop with warning icons and email alert symbol indicating phishing risk
Attackers can use stolen emails and account data to send convincing phishing messages and scam alerts.

What This Incident Reveals

Even when payment data is not exposed, breaches like this can create serious risks.

Stolen emails, account details, and support messages can be used in:

  • phishing emails that look legitimate
  • account takeover attempts
  • targeted scams using real user information

The FBI warns that scammers use unexpected messages and impersonation to trick people into sharing information or clicking harmful links.

Taking a moment to pause, verify unexpected messages, and avoid clicking unknown links can help prevent follow-up attacks after incidents like this.