Crunchyroll has confirmed a data breach involving customer support ticket information following an incident linked to a third-party vendor, after a hacker claimed access to user data and internal systems.
The company said it is investigating the claims and working with cybersecurity experts, adding that it has not found evidence of ongoing unauthorized access.
Incident Linked To Third-Party Support Systems
Materials reviewed by cybersecurity sources suggest the attacker may have accessed Crunchyroll’s Zendesk system.
The breach is believed to have originated from a compromised employee account at Telus Digital, which provides customer support services.
Screenshots shared with TechCrunch appear to show internal Slack communications and support data, indicating potential access to internal systems. The attacker reportedly maintained access to support ticket data until early 2025, when it was revoked.
Crunchyroll has not confirmed whether the third-party vendor involved is Telus Digital.
Scope Of Data Exposure Unclear
The hacker claimed to have downloaded approximately eight million support ticket records, including around 6.8 million unique email addresses.
According to reports, the attacker said access was gained on March 12 by compromising an Okta single sign-on account belonging to a Crunchyroll support agent.
Company Background And Ongoing Investigation
Crunchyroll, acquired by Sony from AT&T in 2020 for $1.18 billion, operates as a joint venture between Sony Pictures Entertainment and Aniplex.
The platform offers more than 2,000 titles in over 12 languages and serves approximately 15 million subscribers worldwide.
Crunchyroll said its investigation is ongoing and that it continues to assess the scope and impact of the incident.
Featured image credits: Wikimedia Commons
For more stories like it, click the +Follow button at the top of this page to follow us.