Skip to content
Data breachUnknown

Data leak at Wakanim

Wakanim user data surfaced in a misconfigured, publicly accessible ElasticSearch server hoarding ~95 million records from 17 past French breaches, exposing names, emails, postal and IP addresses and phone numbers.

Victim
Wakanim

On 20 December 2024, Wakanim β€” the French anime streaming service (part of the Crunchyroll group) β€” was named among the victims of a sprawling data exposure first reported by Cybernews researchers. Wakanim itself was not freshly hacked here: its user records appeared as one corpus inside a publicly reachable, unsecured database left open by an unidentified actor dubbed a "mysterious data hoarder."

The exposure stemmed from a misconfigured ElasticSearch instance accessible over the internet without any authentication. The roughly 30 GB store held about 95 million records, corresponding to an estimated 68 million distinct identities, compiled from 17 earlier breaches affecting French organisations including Darty, Discord, Go-Sport, Intersport, LDLC, SFR, Snapchat, Shadow and Wakanim.

Exposed data categories across the aggregated dataset included:

  • Full names (first and last)
  • Email addresses and usernames
  • Postal/home addresses
  • Phone numbers
  • IP addresses

Because the trove combined many prior leaks, the count attributable to Wakanim alone is not isolated in the sources. The identity and motive of the hoarder remain unknown, and no confirmed remediation timeline for Wakanim records has been published, so the incident's status is unclear.

Sources

  1. cybernews.comhttps://cybernews.com/security/french-records-exposed-by-mysterious-data-hoarder/
  2. incyber.orghttps://incyber.org/en/article/massive-database-of-french-internet-users-leaked-online/
  3. oodaloop.comhttps://oodaloop.com/briefs/cyber/over-90-million-french-records-exposed-mysterious-data-hoarder-leaves-instances-open/

Related incidents

Data breachResolved

Wakanim data breach (2022)

In August 2022, the European streaming service Wakanim suffered a data breach which was subsequently advertised and sold on a popular hacking forum. The breach exposed 6.7M customer records including email, IP and physical addresses, names and usernames.

Victim
Wakanim
Records
6.7M
Data breachContained

Leak at Molotov

Around 13 November 2024, French streaming TV service Molotov disclosed a data breach exposing roughly 10.8 million email addresses, along with the names and dates of birth of users who had supplied them; no passwords or banking data were affected.

Victim
Molotov
Records
10.8M