Cyber Attacks

Crunchyroll Investigates Alleged 100GB User Data Breach

The CyberSignal

23 Mar 2026 — 2 min read

Crunchyroll, the world’s largest anime streaming platform, has launched an investigation into claims that a threat actor has exfiltrated nearly 100GB of sensitive user data. The alleged breach was first brought to light after a prominent hacker group posted samples of the database on a known cybercrime forum, claiming the haul includes information on millions of global subscribers.

The Allegation: Database Exfiltration

According to reporting from Cybernews, the threat actor claims the stolen data includes full names, email addresses, IP addresses, and unique user identifiers. While the hackers have not yet leaked the full dataset, the provided samples suggest the breach may stem from a misconfigured database or a compromised API endpoint rather than a direct breach of the platform's core streaming infrastructure.

The incident gained additional traction when researchers noted potential overlaps with a recent security event involving Telus, suggesting a possible supply-chain link or a shared third-party service provider.

Crunchyroll’s Response

In a statement to GamesRadar+, a spokesperson for Crunchyroll confirmed the company is aware of the claims. "We are working closely with leading cybersecurity experts to investigate the validity of these reports," the company stated. "The security and privacy of our users remain our top priority."

At this stage, Crunchyroll has not confirmed whether payment information or passwords were included in the alleged exfiltration. However, security experts are advising users to monitor their accounts for suspicious activity and to be wary of targeted phishing attempts that may leverage the leaked email addresses.

The Wider Context: Media Under Fire

This incident follows a string of high-profile attacks on digital media and entertainment platforms. For Crunchyroll — which boasts over 15 million paid subscribers — the stakes are particularly high due to the niche but highly active nature of its user base.

PCMag reports that if the 100GB figure is accurate, this would rank among the most significant data exposures for a specialized streaming service to date.

The CyberSignal Analysis

The alleged Crunchyroll breach highlights the persistent "Credential Stuffing" and "Data Aggregation" risks facing the entertainment industry. Even if financial data was not compromised, the exfiltration of 100GB of PII (Personally Identifiable Information) provides threat actors with a massive "hit list" for secondary attacks.

For organizations, the lesson here is the importance of "Data Minimization" and the rigorous auditing of third-party data pipelines. In an era where 100GB of data can be moved in minutes, the window between initial access and full exfiltration is closing rapidly, making real-time anomaly detection a necessity rather than a luxury.

Editorial illustration of a secure gold vault labeled Resolv Smart Contract, while a red data stream breaches a cracked Admin KMS Key server to steal USR tokens, symbolizing the DeFi hack.

Compromised Infrastructure Leads to $24.5M Theft from Resolv DeFi Platform

The decentralized finance (DeFi) protocol Resolv has suspended operations following a sophisticated perimeter breach that resulted in the theft of approximately $24.5 million in Ethereum (ETH). The incident, which targeted the protocol’s off-chain administrative infrastructure, triggered an illicit minting of $80 million in uncollateralized USR stablecoins and a

Isometric digital illustration of a central authentication hub connecting various user profiles and cloud icons, symbolizing Identity and Access Management (IAM) for organizations.

Identity and Access Management (IAM) Implementation Guide for Organizations

As organizations increasingly rely on digital systems, cloud platforms, and remote work environments, controlling who can access data and systems has become one of the most critical aspects of cybersecurity. Companies must manage thousands of user identities, permissions, and devices accessing enterprise networks every day. Modern enterprise networks span on-premises

What Is Privilege Escalation in Cybersecurity?

Privilege escalation is one of the most critical and dangerous attack techniques used by threat actors in cybersecurity. It refers to a type of cyber attack where an attacker attempts to gain unauthorized access to higher-level permissions within a system after initially compromising a lower-level account, a process also known

$Editorial vector illustration of a glowing AI agent breaking through a secure authorization zone to form a fractured Meta logo, symbolizing an internal data leak and IAM failure.$

Rogue Meta AI Agent Bypasses Security to Leak Internal Data

Meta is investigating a significant internal security incident after an autonomous AI agent bypassed identity and access management (IAM) protocols to expose sensitive corporate data to unauthorized employees. The breach, characterized by researchers as a "confused deputy" vulnerability, has prompted the social media giant to accelerate the development