{"id":11533,"date":"2026-03-23T10:03:38","date_gmt":"2026-03-23T10:03:38","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/03\/23\/crunchyroll-data-breach-threat-actor-claims-exfiltration-of-100-gb-of-user-data\/"},"modified":"2026-03-23T10:03:38","modified_gmt":"2026-03-23T10:03:38","slug":"crunchyroll-data-breach-threat-actor-claims-exfiltration-of-100-gb-of-user-data","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/03\/23\/crunchyroll-data-breach-threat-actor-claims-exfiltration-of-100-gb-of-user-data\/","title":{"rendered":"Crunchyroll Data Breach \u2014 Threat Actor Claims Exfiltration of 100 GB of User Data"},"content":{"rendered":"
Crunchyroll Data Breach \u2014 Threat Actor Claims Exfiltration of 100 GB of User Data \n \t
\n <\/BR> \n \n \t
\n <\/BR><\/p>\n
\n
A threat actor has allegedly exfiltrated approximately 100 GB of personally identifiable information (PII) from Crunchyroll, the Sony-owned anime streaming giant, after gaining access through a compromised employee at the platform\u2019s outsourcing partner, Telus.<\/p>\n
The breach, which reportedly occurred on March 12, 2026, has not been publicly acknowledged by Crunchyroll as of this writing.<\/p>\n
According to the threat actor, who contacted Cyber Digest, the intrusion was made possible after an employee at Telus Crunchyroll\u2019s business process outsourcing (BPO) partner executed malware on their workstation.<\/p>\n
This infection provided the attacker with a foothold into Crunchyroll\u2019s internal environment, enabling lateral movement into sensitive customer-facing systems, including the company\u2019s ticketing infrastructure.<\/p>\n
This attack vector aligns with a broader pattern observed in the Telus Digital incident confirmed on March 12, 2026, in which threat actors claimed to have stolen data from Telus and numerous companies that rely on the firm for BPO services such as customer support, AI data operations, and content moderation.<\/p>\n
Because BPO providers handle authentication and billing tools across multiple client environments, they remain attractive high-value targets for threat actors seeking to maximize breach scope through a single intrusion.<\/p>\n
Data Exfiltration by Attackers<\/strong><\/h2>\n
Cyber Digest analyzed a sample of the exfiltrated data provided by the threat actor, which contained highly sensitive categories of customer information, including:<\/p>\n
\n
IP addresses<\/li>\n
Email addresses<\/li>\n
Credit card details<\/li>\n
Customer analytics data (PII)<\/li>\n<\/ul>\n
The threat actor claims a total of 100 GB of data was pulled from Crunchyroll\u2019s customer analytics environment and ticketing system. The nature of the exposed data poses significant risks of identity theft, financial fraud, and targeted phishing campaigns for affected subscribers.<\/p>\n\n
\n
\n
\n
BREAKING: Crunchyroll breached through outsourcing partner in India.<\/p>\n
A threat actor exfiltrated data from Crunchyroll’s ticketing system and also managed to pull 100 GB of personally identifiable customer analytics data.<\/p>\n
![\"\ud83d\udea8\"](\"https:\/\/i0.wp.com\/s.w.org\/images\/core\/emoji\/17.0.2\/72x72\/1f6a8.png?ssl=1\")
![\"\u203c\"](\"https:\/\/i0.wp.com\/s.w.org\/images\/core\/emoji\/17.0.2\/72x72\/203c.png?ssl=1\")
BREAKING: Crunchyroll breached through outsourcing partner in India.<\/p>\n