Last week a chaos on social networks after a user on Twitter published a list of user names and passwords of Premium crunchyrol. The controversy reached such magnitude that Crunchyroll was forced to intervene with an official statement to calm the turbulent waters.
In response to the scandal, The platform declared that it was aware of the situation and assured that the affected accounts were insured, but that there is no evidence that their systems have been compromised. In addition, they urged users to regularly change their passwords and keep them safe.
The problem began when a Twitter user known as “@/therealwilsn” (whose account has already been suspended from the social network) shared a list of alleged access credentials to Crunchyroll. Although the content was eliminated and the account suspended, several people claim to have found their data on that list. However, Crunchyrol states that there is no conclusive evidence that they have hacked their database, and many believe they were users who were scammed through malicious links through which they themselves delivered their access credentials.
The news soon generated online reactions and opinions, Adding one more controversy to the increasingly large list that Crunchyroll has to its credit:
- «In general, when a data filtration occurs, credentials are not published in flat text on Twitter. What usually happens is that someone tries to sell an encrypted file that exfiltrated. If Crunchyroll stored credentials in flat text, it would be a colossal security failure. Everything indicates that this was phishing more than a hacking».
- «99% of the 'hackeos' reported on social networks are only people who fall in Phishing. This is probably another case».
- «Luckily I was not a victim, but I have had cases of suspicious users trying to contact Instagram. I blocked everyone because they couldn't even answer basic questions».
- «Most of these credentials come from 2025 'Stealer Logs' It seems that this guy is a scammer who was looking to promote schemes of 'become fast.' Nothing indicates that Crunchyroll comes».
- «I never trusted Crunchyroll since they used to be a piracy site. They even banned me in their subnet for sharing their logo of that time».
- «They change their password, even if you think they are not on the list. Use a password manager such as Keepass or Bitwarden. Also, it is incredible that Crunchyroll does not have two factors authentication. It is something basic today».
- «The lack of 2FA is disconcerting, considering that users pay by credit card. Even Myanimelist has that option».
In spite of everything, this incident has made it clear that Internet security is extremely fragile when you do not take enough care. Phishing's tactics are less and less evident, but at least one should have enough common sense to detect that a “fast rich” link is extremely suspicious. But well, after all there are thousands of users who continue to fall into links of “get Nitro free in discord” or “get a gift card in Steam”, losing their accounts in the process.
Fountain: Ann
Sony Pictures © Crunchyroll, LLC
(Tagstotranslate) Crunchyroll
