- Crunchyroll confirms cyberattack by way of third-party vendor
- Hacker accessed assist agent’s Okta account, exfiltrated 8M tickets with 6.8 million emails
- Attacker demanded $5m ransom; firm investigating, fee knowledge in a roundabout way compromised
Anime streaming platform Crunchyroll has confirmed struggling a cyberattack and mentioned it was at present investigating claims of information theft.
A menace actor working for an unknown hacking group lately informed BleepingComputer they’d contaminated a assist agent’s laptop with malware and obtained entry to their Okta SSO account for twenty-four hours.
This agent, apparently working for the Telus Worldwide enterprise course of outsourcing (BPO) firm, had entry to Crunchyroll’s assist tickets, which the attacker exfiltrated – and accessing Zendesk, they managed to drag eight million assist tickets, allegedly containing 6.8 million distinctive electronic mail addresses.
Article continues under
You might like
A whole lot of compromised websites
Different knowledge apparently stolen within the assault embrace folks’s usernames, login names, electronic mail addresses, IP addresses, normal geographic places, and the contents of the assist tickets.
Cost info was not accessed, until it was shared within the ticket. They have been additionally allowed to entry different apps, reminiscent of Wizer, MaestroQA, Mixpanel, Google Workspace Mail, Jiro Service Administration, and Slack.
Crunchyroll has confirmed the incident, and that it’s trying into it.
“We’re conscious of current claims and are at present working intently with main cyber safety specialists to analyze the matter,” Crunchyroll mentioned.
“Our investigation is ongoing, and we proceed to work with main cybersecurity specialists. Right now, we imagine that the knowledge is primarily restricted to customer support ticket knowledge following an incident with a third-party vendor.”
“We’ve got not recognized proof of ongoing entry to techniques in relation to those claims. We’re persevering with to observe the state of affairs intently.”
The publication claims the hacker tried to extort Crunchyroll for cash, demanding $5 million in trade for deleting the stolen knowledge, however the firm didn’t reply to the provide.
The most effective antivirus for all budgets
Our prime picks, primarily based on real-world testing and comparisons
Observe TechRadar on Google Information and add us as a most popular supply to get our knowledgeable information, evaluations, and opinion in your feeds. Be sure that to click on the Observe button!
And naturally you may as well comply with TechRadar on TikTok for information, evaluations, unboxings in video type, and get common updates from us on WhatsApp too.
