Anime fans worldwide started to panic as alarming headlines emerged on social media platforms like X. As per the unverified reports, there was a major data breach at Crunchyroll. While the streaming giant, boasting millions of worldwide subscribers, is choosing to stay calm, the cybersecurity analysts are pointing fingers at their outsourcing partner, based in India. With the leaked sample data, which is already making rounds on social media, the entire panic has fans worried. Users are now scrambling to protect their accounts.
Social media erupts with panic as users share alarming warnings
Panic first waves hit on X, when users started to share their urgent warnings about an alleged breach. A user did not hold back, posting all in caps, saying, “CHANGE YOUR PASSWORD RIGHT NOW CRUNCHYROLL HAS APPARENTLY BEEN HACKED Currently what was exposed >Email Address >IP Address >Credit Card Information and more.”
Another concerned user then expressed frustration over the silence of the company, suggesting, “Oh! That’s every single credit card that is used on Crunchy Roll being leaked! And Crunchy Roll decided to warn absolutely no one! Great! Glad I don’t use it.”
Panic started to intensify as the cybersecurity-focused accounts then started to weigh in with their technical details. One of the accounts tracking digital threats reported that this breach started allegedly on March 12, 2026, as malware from the phishing email at Telus International, the outsourcing partner of Crunchyroll in India, stole Okta credentials.
As per the same source, a hacker has reportedly accessed the customer databases for approx. 24 hours, before it was detected. Some leaks that were shared online include the screenshots from Slack and the user records containing their IP addresses, names, emails, and locations spanning across the US, Brazil, India, Mexico and other countries.
Is there an official statement received about this breach yet?
While Crunchyroll did not yet publicly address mounting allegations, Telus Digital on March 12 ensured leaked files explained. They confirmed about the suffered security incident. As stated by the outsourcing firm, “threat actors claimed to have stolen nearly 1 petabyte of data from the company in a multi-month breach.”
In the statement that was released earlier in March, Telus Digital said they are now investigating a cybersecurity incident, including unauthorized access to a few of their systems. It was further added by the company that they have taken some immediate steps to address this unauthorized activity. They also shared that they have implemented some additional security measures.
The connection between 2 incidents is still unclear. Crunchyroll has, for now, continued to ignore communications about breach allegations, as per the threat actor who spoke to the cybersecurity outlets. The silence coming in from them spark fears of a future ahead, and it just keeps adding to subscriber anxiety. It is especially as the platform has already faced a class-action lawsuit early in 2026, over the alleged unauthorized sharing of the user’s viewing data.
As of now, security experts recommend that Crunchyroll users change passwords immediately. They have even recommended that users enable two-factor authentication and monitor their financial accounts for suspicious activity. So, until an official statement emerges, caution is the only thing that remains in line of defense.
