Crunchyroll, the popular anime streaming service owned by Sony, is dealing with serious security concerns. Reports surfaced about a possible data breach where hackers claim to have stolen 100GB of user information. The anime community is worried, and many subscribers are now taking steps to protect their accounts. While the company has not officially confirmed a breach, the timing comes after a separate class-action lawsuit was filed against the platform for allegedly sharing user viewing data without permission.
What Happened with the Reported Data Breach
According to cybersecurity reports, an attack took place on March 12, 2026. Hackers claim they got into Crunchyroll’s internal systems through a third-party outsourcing partner called Telus Digital. The reports say a Telus employee unknowingly ran malware on their work computer. This gave the attackers a way into systems connected to Crunchyroll’s customer support and ticketing tools.
The attackers say they kept access for less than 24 hours before being removed. But in that short time, they claim to have taken around 100GB of data. Cybersecurity researchers who looked at sample data say the stolen information includes email addresses, IP addresses, credit card details, and customer analytics data.
A cybersecurity newsletter called Cyber Digest first reported the incident. The hacking group known as ShinyHunters is reportedly behind the attack. This same group has been linked to previous breaches at companies like Bumble, Match Group, and Panera Bread.
Telus has acknowledged a security incident. The company said an unauthorized party accessed a “limited number” of its systems and that they are investigating.
Crunchyroll’s Response to the Security Concerns
Crunchyroll has not released an official statement confirming or denying the reported breach. However, the company did respond to a separate security issue earlier. In mid-March, login credentials for about 50 Crunchyroll Premium accounts were posted on social media.
A Crunchyroll spokesperson told news outlets at that time:
“We are aware that login credentials for several streaming services, including Crunchyroll, were posted on social media and have resolved the issue. We have secured the affected accounts, investigated the situation and determined that there is no evidence that Crunchyroll’s systems have been compromised.”
The company also encouraged subscribers to change their passwords regularly and keep them confidential.
The Class-Action Lawsuit Adds to Worries
Beyond the breach claims, Crunchyroll is also facing legal trouble. A class-action lawsuit was filed in a federal court in California under the case Cabonios v. Crunchyroll, LLC. The lawsuit accuses the platform of sharing users’ private viewing habits and personal information with a third-party marketing company called Braze without getting proper consent.
According to the lawsuit, Crunchyroll’s mobile app used a software development kit (SDK) from Braze. Through this, the app allegedly shared email addresses, device identifiers, and details about what anime titles and episodes users were watching. The complaint says these practices have been happening since at least 2022.
The lawsuit points to the Video Privacy Protection Act (VPPA) , a US federal law from 1988. This law stops companies from sharing video viewing history without clear permission. If found responsible, Crunchyroll could face up to $2,500 in damages per affected user.
This is not the first time Crunchyroll has dealt with such claims. In 2023, the company agreed to a $16 million settlement in another class-action lawsuit over similar allegations. The company denied wrongdoing in that case but chose to settle.
How Anime Fans Can Protect Themselves
Security experts suggest taking steps to protect your account and personal information. Even without official confirmation, these precautions can help reduce risks.
- Change your password right away. If you use the same password on other websites, change those too. Make sure your new password is strong and not easy to guess.
- Turn on two-factor authentication (2FA). This adds an extra layer of security. Even if someone gets your password, they would still need a second code to get into your account.
- Check your bank statements. Watch for any charges you do not recognize. If you saved payment details on Crunchyroll, pay extra attention to your transaction history.
- Be careful with emails. Scammers often send fake emails after data breaches. They may pretend to be from Crunchyroll and ask you to click a link or share personal information. Do not click links in suspicious emails. Go directly to the official website instead.
- Review your account activity. Look at what devices are connected to your account. If you see anything unfamiliar, remove it.
Also Read:
What This Means for the Anime Community
For many anime fans, Crunchyroll is more than just a streaming app. It is where they watch new episodes every week and stay connected to the community. News about possible data problems hits harder because the platform is such a big part of daily life for so many people.
The timing of these events has made fans uneasy. Between the reported breach claims, the leaked login details, and the lawsuit over data sharing, users are left wondering if their information is safe. Some have taken to social media to share their concerns and warn others to update their security settings.
While Crunchyroll has not confirmed the 100GB breach, the company did secure the accounts that were posted online and said they found no evidence of system compromise at that time. For now, users can only wait for an official statement while taking steps to protect themselves.
Also Read: Paradise Season 2 Episode 7: Jane Driscoll’s Fate and Xavier’s Big Reunion Explained
For more updates on anime, streaming platforms, and entertainment news, keep checking VvipTimes for the latest developments.
