Crunchyroll Suffers 100GB Data Breach via Compromised Telus Employee Account
On March 12, 2026, an attacker gained unauthorized access to Crunchyroll's systems by exploiting a compromised account belonging to a Telus Digital employee who provided outsourced support services to the anime streaming platform. Within approximately 24 hours, before access was revoked, roughly 100GB of sensitive data was exfiltrated, including customer support records, user analytics, subscription details, and potentially payment information. The breach is linked to the earlier Telus Digital security incident reported in early March 2026, highlighting how third-party contractor credentials can serve as an entry point into larger platforms. Security researchers suggest the attacker likely conducted prior reconnaissance, given the speed and volume of the data extraction. As of March 23, 2026, neither Crunchyroll nor its parent company Sony had issued any public statement regarding the incident.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in