Crunchyroll is investigating a breach after attackers claimed to have stolen personal information for approximately 6.8 million users by compromising an Okta SSO account of a Telus International support agent. The attackers say they used malware to obtain credentials, accessed multiple Crunchyroll applications including Zendesk to download 8 million support tickets, and demanded $5 million in extortion while credit card exposure appears limited to data customers shared in tickets. #Crunchyroll #Zendesk
Keypoints
- Attackers claimed to breach Crunchyroll on March 12 by accessing an Okta SSO account tied to a Telus International support agent.
- Malware was allegedly used to steal the agentβs credentials, granting access to Crunchyroll apps like Zendesk, Slack, and Google Workspace Mail.
- Threat actors say they downloaded 8 million support tickets from Zendesk, containing roughly 6.8 million unique email addresses and other personal details.
- Credit card details were only exposed when customers included them in support tickets, with few full card numbers reported.
- The attackers demanded $5 million in extortion, highlighting how BPO compromises and social engineering of support staff are high-value vectors for wide-scale data theft.