This New Crunchyroll Breach Detail Changes Everything for Users

Published Apr 4, 2026, 2:26 PM EDT

Umair is a contributor for the ScreenRant anime section. He has always been enthusiastic about pop culture. Whether it's anime, movies, TV shows, manga, manhwa, video games, or pop music, he is always tuned in.

From the classic Dragon Ball to the underrated Dororo, he has a broad knowledge of the most.

When he's not writing, you may find him editing on his favorite anime, movie, or pop star on his Instagram.

Over 1.2 Million Stolen Crunchyroll Accounts Have Officially Been Sold Online

On April 4, IntCyberDigest took to X (formerly Twitter) to share a concerning update about Crunchyroll's data breach. Their latest report claims that the compromised user data, which originally leaked on March 12 through an outside partner company operating in India, has officially been sold online.

BREAKING: The Crunchyroll breach data, leaked via an Indian outsourcing partner, has been sold. 1.2 million of 2 million customer records were purchased by a single buyer. We've obtained the 1.2 million emails from Mr. Raccoon and will be sharing them with HaveIBeenPwned.

According to Cyber Digest, out of the two million customer profiles that were exposed during the leak, 1.2 million of those records were purchased by a single anonymous buyer. Cyber Digest claims they have successfully managed to acquire that batch of emails from an informant known as "Mr. Raccoon." Moving forward, the group is preparing to share that data with the digital security website Have I Been Pwned to help users protect their accounts.

Though the update from Cyber Digest will undeniably be a cause for concern to many, it is important to note that this report is unverified at this time.

Now that the compromised emails are being shared with Have I Been Pwned, searching an email address on their site is the fastest way to check for any danger. If the website flags an email, it means that the user was caught up in this data breach.

Updating passwords immediately is a critical first step, especially for someone who reuses the same login info for multiple online accounts. Whoever bought all this stolen information is almost certainly going to use bots to test those logins on banking apps, video game platforms, and other streaming services.

Because of that risk, regardless of whether a subscriber's email shows up in the breach or not, resetting to a unique password is the safest possible choice.

Related

10 Spring 2026 Anime Every Fan Needs to Add to Their Watchlist Now

From Re:ZERO's darkest arc yet to the highly anticipated debut of Liar Game, the Spring 2026 lineup is packed with great anime.

On top of the password issue, scammers now have their hands on a huge, confirmed list of active anime watchers. Moving forward, the community may see fake emails pretending to be Crunchyroll Support, claiming that a subscription charge failed or some other seemingly innocuous request designed to convince users to willingly give sensitive information.

Avoiding suspicious links inside those shady emails and instead going straight to the official website on a browser is the best way to dodge these traps.

Lastly, while nobody knows for sure yet if actual credit card numbers were stolen during that initial vendor hack, keeping a close eye on any linked bank accounts or PayPal profiles is strongly recommended. Hackers tend to test out active payment methods with small, random purchases before they try to drain larger amounts of cash.

While Crunchyroll previously acknowledged the initial incident and issued an official statement, the company has not released a statement about Cyber Digest's X post. Until official word is out, Crunchyroll users should be on high alert to ensure that more information isn't stolen.