Last week a chaos on social media after a Twitter user posted a list of Crunchyroll Premium usernames and passwords. The controversy reached such a magnitude that Crunchyroll was forced to intervene with an official statement to calm the turbulent waters.

Sony Pictures © Crunchyroll, LLC

In response to the scandal, The platform stated that it was aware of the situation and assured that the affected accounts were secured, but that there is no evidence that its systems have been compromised. Additionally, they urged users to regularly change their passwords and keep them secure.

The problem began when a Twitter user known as “@/therealwilsn” (whose account has already been suspended from the social network) shared a list of supposed Crunchyroll access credentials. Although the content was removed and the account suspended, several people claim to have found their data on that list. However, Crunchyroll claims that there is no conclusive evidence that its database has been hacked, and many believe that these were users who were scammed through malicious links through which they themselves provided their access credentials.

Sony Pictures © Crunchyroll, LLC

The news did not take long to generate reactions and opinions online, adding one more controversy to the growing list that Crunchyroll has under its belt:

  • «Generally, when a data breach occurs, plain text credentials are not posted to Twitter. What usually happens is that someone tries to sell an encrypted file that they exfiltrated. If Crunchyroll stored credentials in plain text, it would be a colossal security flaw. Everything indicates that this was phishing rather than a hack».
  • «99% of the ‘hacks’ reported on social networks are just people who fall for phishing. This is probably another case».
  • «Luckily I was not a victim, but I have had cases of suspicious users trying to contact me on Instagram. I blocked everyone because they couldn’t even answer basic questions».
  • «Most of these credentials come from ‘stealer logs’ malware from 2025, according to HaveIBeenPwned. It seems this guy is a scammer looking to promote ‘get rich quick’ schemes. Nothing indicates that it comes from Crunchyroll».
  • «I never trusted Crunchyroll since they used to be a piracy site. They even banned me from their subreddit for sharing their logo from that time».
  • «Change your password, even if you think you are not on the list. Use a password manager like KeePass or BitWarden. Also, it’s amazing that Crunchyroll doesn’t have two-factor authentication. It’s something basic nowadays».
  • «The lack of 2FA is puzzling, considering users pay by credit card. Even MyAnimeList has that option».

Despite everything, this incident has made it clear that Internet security is extremely fragile when sufficient care is not taken. Phishing tactics are becoming less obvious, but one should at least have enough common sense to detect that a “get rich quick” link is extremely suspicious. But hey, after all there are thousands of users who continue to fall for links to “get Nitro for free on Discord” or “get a gift card on Steam”, losing their accounts in the process.

Fountain: ANN

Sony Pictures © Crunchyroll, LLC

Tags:
Shares:
Leave a Reply

Your email address will not be published. Required fields are marked *