Crunchyroll Breach: Malware Targets Supply Chain to Exfiltrate 100GB of Data

A data breach at Crunchyroll originated from its outsourcing partner, Telus in India, after a phishing email delivered malware to an employee. The malware stole Okta credentials, granting access to Crunchyroll’s systems and enabling the exfiltration of 100GB of customer data, including email addresses, IP addresses, and credit card details. The threat actor maintained access for 24 hours before credentials were revoked.