US Edition'An Unauthorized Actor Accessed Certain Vimeo User and Customer Data': Vimeo Confirms Security Incident, Blames Attack on Anodot Breach
Vimeo said the exposed data mainly included technical records and video metadata, while login credentials and payment card information were not affected.
- On Monday, Vimeo disclosed that an unauthorized actor accessed user data following a breach at Anodot, a business monitoring tool, exposing technical data, video titles, metadata, and some customer email addresses.
- ShinyHunters, an extortion group, gained access by stealing Anodot authentication tokens to infiltrate Vimeo's Snowflake and BigQuery environments, targeting cloud-based software providers.
- Vimeo, which has 287 million users, stated the impact remains unclear, but confirmed that video content, account credentials, and payment card information remain secure and platform operations were unaffected.
- ShinyHunters is threatening to leak stolen data on Thursday unless a ransom is paid; Vimeo has disabled all Anodot credentials and notified law enforcement in response.
- This incident aligns with ShinyHunters' pattern of targeting cloud-based software, similar to the theft of data from ADT, a home security provider, involving 5.5 million users and prior claims of 78.6 million records from Rockstar Games, a game development studio.
12 Articles
12 Articles
Data security on large platforms returned to the focus of attention after the data leak in Vimeo, an incident that raises concerns about risks in digital supply chains. The violation did not occur directly in Vimeo's systems, but through a third-party partner, Anodot, demonstrating how external integrations can become critical points of attack. The episode gained even more severity with the possible action of the ShinyHunters group, known for ex…
Vimeo Confirms Data Breach - Hackers Accessed Users Database
Video hosting platform Vimeo has confirmed a data breach resulting in unauthorized access to its user database. The security incident stems from a compromise at Anodot, a third-party analytics vendor utilized by Vimeo and several other major organizations. This event highlights the escalating threat of supply chain attacks within the software-as-a-service (SaaS) ecosystem. The breach has been linked to the notorious threat actor group known as S…
After a hacker attack by the service provider Anodot, the ShinyHunters group threatens to release Vimeo user data. The video platform Vimeo is the latest target of a large-scale blackmail campaign by the hacker group ShinyHunters, as Vimeo confirmed. Cybercriminals announced that they have gained access to data from Vimeo's cloud storage. The group threatens to publish the information if the company does not have a ransom previously not mentione…
Coverage Details
Bias Distribution
- 67% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
