The ShinyHunters extortion group has claimed responsibility for a data breach affecting Vimeo, with leaked data reportedly exposing personal information belonging to more than 119,000 people.

Vimeo, a video hosting and streaming platform with over 300 million registered users, disclosed in April that unauthorized access to customer and user data occurred after a breach involving Anodot, a data anomaly detection company connected to its systems.

At the time, Vimeo said its investigation found that the attackers mainly accessed technical information, video titles, metadata, and in some cases, customer email addresses. The company also stated that user passwords, payment card details, and video content were not compromised during the incident.

Following the attack, Vimeo disabled all Anodot credentials, removed the integration from its systems, and brought in third-party security experts to investigate the breach. The company also notified law enforcement agencies.

After Vimeo refused to meet extortion demands, ShinyHunters published a 106GB archive of allegedly stolen documents on its dark web leak site. The group claimed the attack was made possible through compromised Anodot-related access to Snowflake and BigQuery environments.

Data breach tracking service Have I Been Pwned later analyzed the leaked files and reported that the breach exposed email addresses and, in some cases, names belonging to 119,200 individuals.

ShinyHunters previously told BleepingComputer that it had targeted multiple companies using stolen Anodot authentication tokens. The group also said it attempted to access Salesforce environments but claimed AI-based security systems blocked some of those attacks.

READ
WhatsApp Introduces Usernames to Let Users Chat Without Sharing Phone Numbers

The cybercrime group has also been linked to large-scale vishing campaigns targeting Microsoft Entra, Okta, and Google single sign-on accounts used by employees and outsourcing firms. Once inside corporate systems, the attackers reportedly steal data from connected SaaS platforms, including Salesforce, Slack, Adobe, Dropbox, Google Workspace, Microsoft 365, Zendesk, Atlassian, SAP, and others.


Buy ExpressVPN with PayPal or Credit Card

In recent months, ShinyHunters has also claimed attacks targeting organizations including the European Commission, Rockstar Games, McGraw Hill, Medtronic, Carnival, Zara, 7-Eleven, and Udemy.

Advertisement