Overview
- Crunchyroll now says its ongoing probe points to exposure limited to customer service ticket data from a third‑party vendor and it reports no evidence of ongoing access.
- The hacker claims they got in on March 12th by infecting a Telus International support agent’s computer with malware to steal Okta single sign-on credentials.
- The attacker says they pulled about 8 million support tickets containing roughly 6.8 million unique email addresses and up to 100 GB of related data including names, emails, IP addresses, general locations, and ticket text.
- BleepingComputer reviewed samples that showed credit card details only where users shared them in tickets, often just last four digits or expiration dates, with a few full numbers reported by the hacker.
- The hacker says access lasted about 24 hours starting March 12th and they later demanded $5 million not to leak the data, raising phishing and identity fraud risks for a user base that counted over 17 million paid members last year.